Hello,
I am trying to deploy a PG db with client certificate auth. I have read the documentation, but I have a few questions. One of my goals is to be able to use two different CAs and as far as I see there is only one ssl_ca_file, I have tried to concatenate my certs as cert chain and use them, it seems to be working.
Since it's not fully documented, do you think this approach won't cause any problems in the future? Generally, I need this because when I have multiple pg servers (primary and standby) I need to use SSL. So PG requires the standby represents a valid client cert, but the client cert ca I need to use for the standby can be different from the client cert ca that will be issuing the other certs that I will be giving to the standard users.
Thanks,
Duygu
