What about the SSH model? In the Postgres context, this would basically be a table containing authorized certificates for each user. Upon receiving a connection attempt, look up the user and the presented certificate and see if it is one of the authorized ones. If so, do the usual verification that the client really does have the corresponding private key and if so, authenticate the connection.
This is way simpler than messing around with certificate authorities. Please, if anybody can give a coherent explanation why this isn't the first certificate authentication model supported, I would love to understand.
On 05/25/20 23:22, Laurenz Albe wrote:
> I don't know if there is a way to get this to work, but the
> fundamental problem seems that you have got the system wrong.
>
> If you don't trust WE ISSUE TO EVERYBODY, then you shouldn't use
> it as a certification authority.
That's a reasonable viewpoint.
I've worked in organizations from smallish to largish, and in the
largish ones, sometimes there are Ways Of Doing Things, that were
laid down by Other People.
There the challenge becomes how to piece together practices that
maximize my comfort level, within the ways of doing things that
come down from others.
If the libpq root.crt file can be made to work similarly to a
Java trustStore, that expands the possible solution space.
Regards,
-Chap
