Asia <asia123321@op.pl> writes:
> The problem is that I believe that this configuration could be better but I cannot put part
> of CA chain in root.crt as it was advised.
> For Java it all depends on current SSL Factory implementation, I was using the default one.
> If I wrote my own implementation I would probably be able to have common with libpq,
> requiring the least info, configuration (but actually I would prefer to avoid it).
You would be better off to ask about this on the pgsql-jdbc list; the
people who actually work with JDBC tend to hang out there. I'm not sure
how carefully any of them follow pgsql-general.
regards, tom lane