Re: patch: Client certificate requirements - Mailing list pgsql-hackers

On Sat, Nov 15, 2008 at 15:20, Alex Hunsaker <badalex@gmail.com> wrote:
> we do something like:
>
> +       if (access(ROOT_CERT_FILE, R_OK))
> +       {
> +               ssl_loaded_verify_locations = false;
> +
> +               /*
> +               * If root certificate file simply not found. Don't log
> an error here, because
> +               * it's quite likely the user isn't planning on using
> client certificates.
> +               *
> +               * Anything else gets logged (permission errors etc)
> +               */
> +               if (errno != ENOENT)
> +                       ereport(LOG,
> +                               (errmsg("could not load root
> certificate file \"%s\": %s",
> +                                               ROOT_CERT_FILE,
> strerror(errno)),
> +                                errdetail("Will not be able to verify
> client certificates.")));


Err that really should be ereport(FATAL,