Postgres Pro
Downloads
Home   >   mailing lists

Re: re-reading SSL certificates during server reload - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: re-reading SSL certificates during server reload
Date
Msg-id 20140827123425.GC16422@tamriel.snowman.net
Whole thread Raw
In response to Re: re-reading SSL certificates during server reload  (Magnus Hagander <magnus@hagander.net>)
List pgsql-hackers
Tree view 
* Magnus Hagander (magnus@hagander.net) wrote:
> That's certainly an issue. Potentially bigger ones are that you cannot
> replace an expired certificate or CRL without a restart.

+100.  I had forgotten about that issue- but it definitely sucks. :(

> Some of this is going to have to be at least partially reworked anyway
> in the work that Heikki has been diong to support non-openssl
> libraries. Making a change like this at the same time is probably a
> good idea.

Agreed.
Thanks,
    Stephen

pgsql-hackers by date:

Previous
From: Fujii Masao
Date:
Subject: Re: Function to know last log write timestamp
Next
From: Robert Haas
Date:
Subject: Re: Code bug or doc bug?