Home > mailing lists

Re: SSL passphrase prompt external command - Mailing list pgsql-hackers

From	Robert Haas
Subject	Re: SSL passphrase prompt external command
Date	February 23, 2018 19:16:12
Msg-id	CA+TgmoYQbue92F6=8rr39W-fvGZB8-RL5MmunK0-2H7EFBbEtw@mail.gmail.com Whole thread Raw
In response to	SSL passphrase prompt external command (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
Responses	Re: SSL passphrase prompt external command (Michael Paquier <michael@paquier.xyz>)
List	pgsql-hackers

Tree view

On Thu, Feb 22, 2018 at 10:14 PM, Peter Eisentraut
<peter.eisentraut@2ndquadrant.com> wrote:
> Here is a patch that adds a way to specify an external command for
> obtaining SSL passphrases.  There is a new GUC setting
> ssl_passphrase_command.
>
> Right now, we rely on the OpenSSL built-in prompting mechanism, which
> doesn't work in some situations, including under systemd.  This patch
> allows a configuration to make that work, e.g., with systemd-ask-password.

I have not reviewed the patch, but count me as an enthusiastic +1 for
the concept.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

pgsql-hackers by date:

From: Robert Haas
Date: 23 February 2018, 19:15:10
Subject: Re: FOR EACH ROW triggers on partitioned tables

From: Thom Brown
Date: 23 February 2018, 19:28:17
Subject: Re: Translations contributions urgently needed

Re: SSL passphrase prompt external command - Mailing list pgsql-hackers

Previous

Next