Home > mailing lists

Re: SSL cleanups/hostname verification - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: SSL cleanups/hostname verification
Date	October 21, 2008 12:48:34
Msg-id	18289.1224593255@sss.pgh.pa.us Whole thread Raw
In response to	Re: SSL cleanups/hostname verification (Gregory Stark <stark@enterprisedb.com>)
Responses	Re: SSL cleanups/hostname verification Re: SSL cleanups/hostname verification
List	pgsql-hackers

Tree view

Gregory Stark <stark@enterprisedb.com> writes:
> Sort of. SSH requires you to install the certificate of the server locally
> before connecting. If you don't it pops up a big warning and asks if you want
> to install it. On subsequent connections it looks up the key for the name of
> the host you're trying to connect to and insists it match. If it doesn't it
> pops up a *huge* error and refuses to connect.

Um, IIRC what it's checking there is the server's key signature, which
has nada to do with certificates.
        regards, tom lane

pgsql-hackers by date:

From: Gregory Stark
Date: 21 October 2008, 12:40:22
Subject: Re: SSL cleanups/hostname verification

From: Decibel!
Date: 21 October 2008, 12:54:14
Subject: Re: contrib/pg_stat_statements

Re: SSL cleanups/hostname verification - Mailing list pgsql-hackers

Previous

Next