Re: [pgsql-hackers-win32] More SSL questions.. - Mailing list pgsql-bugs

From Oliver Jowett
Subject Re: [pgsql-hackers-win32] More SSL questions..
Msg-id 41DC6823.7080506@opencloud.com
In response to Re: [pgsql-hackers-win32] More SSL questions..  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: [pgsql-hackers-win32] More SSL questions..  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-bugs
Tom Lane wrote:

> BTW, as of CVS tip, if the server has a root.crt file and the client
> does not have any certificate files, the default behavior is that
> connections fail:
>
> $ psql -h localhost regression
> psql: could not open certificate file "/home/tgl/.postgresql/postgresql.crt": No such file or directory
> $
>
> I'm not sure if this is desirable.  Should libpq try to fall back to a
> non-SSL-encrypted connection, instead?

Only if the server certificate validates, otherwise an active attacker
could intercept the SSL connection to force libpq to fall back to
non-SSL and then intercept the unencrypted/unauthenticated connection.
Does openssl let you detect a "server cert OK but no suitable client
cert provided" error easily?

-O
