Re: sslmode=require fallback - Mailing list pgsql-hackers

On 07/15/2016 09:55 AM, Tom Lane wrote:

> I'm inclined to think that a better answer than changing libpq's behavior
> is to encourage DBAs to specify "hostssl" in pg_hba.conf for all external
> connections.    


Do those packagers who install dummy certificates and turn SSL on also 
change their pg_hba.conf.sample files to use hostssl?. That could go a 
long way towards encouraging people.

cheers

andrew