Home > mailing lists

Re: SSL and USER_CERT_FILE round 2 - Mailing list pgsql-hackers

From	Andrew Dunstan
Subject	Re: SSL and USER_CERT_FILE round 2
Date	May 15, 2008 15:47:57
Msg-id	482C5B26.6060605@dunslane.net Whole thread Raw
In response to	SSL and USER_CERT_FILE round 2 (pgsql@mohawksoft.com)
Responses	Re: SSL and USER_CERT_FILE round 2 (pgsql@mohawksoft.com)
List	pgsql-hackers

Tree view


pgsql@mohawksoft.com wrote:
> Adding "sslkey" and "sslcert" to the PQconnectdb connection string.
>
> After some discussion, I think it is more appropriate to add the key/cert
> file for SSL into the connect string. For example:
>
> PQconnectdb("host=foo dbname=bar sslmode=require
> sslkey=/opt/myapp/share/keys/client.key
> sslcert=/opt/myapp/share/keys/client.crt");
>
>
> Any comments?
>
>   

I think if you're going to provide for these then you should also 
provide for the CA cert and CRL.

Otherwise, it seems sensible.

cheers

andrew

pgsql-hackers by date:

From: "Marko Kreen"
Date: 15 May 2008, 15:33:55
Subject: Re: [rfc,patch] PL/Proxy in core

From: Zdenek Kotala
Date: 15 May 2008, 15:50:01
Subject: Re: bloated heapam.h

Re: SSL and USER_CERT_FILE round 2 - Mailing list pgsql-hackers

Previous

Next