Home > mailing lists

Re: Authenticating with x509 certificate - Mailing list pgsql-general

From	Magnus Hagander
Subject	Re: Authenticating with x509 certificate
Date	December 16, 2006 21:13:13
Msg-id	45846F5F.8010608@hagander.net Whole thread Raw
In response to	Authenticating with x509 certificate (Andre Lebedev <lebedev@fas.harvard.edu>)
List	pgsql-general

Tree view

Andre Lebedev wrote:
> Hello.
>
> Based on the information I was able to find so far, it seems that
> Postgres has the capability of authenticating users through x509
> certificate. But I can't find instructions on how to do it.
>
> Any help will be greatly appreciated!
>

It does not, unfortunately (yet - IIRC someone was working on it). It
can be configured to *require* a trusted client-side X509 certificate,
but it can't be used for authenticating the user.

To require a client certificate, create a list of root certs to match
against - see http://www.postgresql.org/docs/8.2/static/ssl-tcp.html.

//Magnus

pgsql-general by date:

From: "Vanyel"
Date: 16 December 2006, 21:00:50
Subject: Re: How to check constraints before call of simple_heap_insert()?

From: Magnus Hagander
Date: 16 December 2006, 21:14:34
Subject: Re: Failed to set permision Win2k3-PG Installation Issues

Re: Authenticating with x509 certificate - Mailing list pgsql-general

Previous

Next