On Thursday 20 September 2007 05:15:39 Albe Laurenz wrote:
>
> What does pg_hba.conf look like?
I don't know if I misunderstood him, but I thought he was willing to have SSL
on both sides, i.e., both the client and the server identify themselves
trough SSL certificates.
Even though one can require connections using only SSL on the server side, I
don't see a method (in pg_hba.conf) that would allow clients with SSL
certificates.
All I have here is:
# METHOD can be "trust", "reject", "md5", "crypt", "password",
# "krb5", "ident", "pam" or "ldap". Note that "password" sends passwords
# in clear text; "md5" is preferred since it sends encrypted passwords.
At least, this is what I understand by "client certificate"...
--
Jorge Godoy <jgodoy@gmail.com>
