Home > mailing lists

Re: hba_conf hostssl clientcert=1 no longer required in 9.4 - Mailing list pgsql-docs

From	Srikanth Venkatesh
Subject	Re: hba_conf hostssl clientcert=1 no longer required in 9.4
Date	July 18, 2016 04:31:43
Msg-id	CAOwxV4qTaY_2JqhZ1=zX7po4eLnMfj2dzPU+7v1P30e6+ue05w@mail.gmail.com Whole thread Raw
In response to	hba_conf hostssl clientcert=1 no longer required in 9.4 (srix55@gmail.com)
List	pgsql-docs

Tree view

I guess it should mention that setting the parameter to 1 is no longer required... and that the default is 1 for "cert".

On Thu, Jul 14, 2016 at 11:00 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:

srix55@gmail.com writes:
> The following documentation comment has been logged on the website:
> Page: https://www.postgresql.org/docs/9.4/static/ssl-tcp.html
> Description:

> 17.9.1. Using Client Certificates
> (https://www.postgresql.org/docs/9.4/static/ssl-tcp.html)

> The first paragraph contains this line "...and set the clientcert parameter
> to 1 on the appropriate hostssl line(s) in pg_hba.conf" which isn't right
> for 9.4.

Hmm, what do you think isn't right about it?

ISTM there's an omission here, which is that it'd be useful to mention
that clientcert=1 is assumed for the "cert" authentication method. But
the text seems okay as far as it goes.

regards, tom lane

pgsql-docs by date:

From: Tom Lane
Date: 16 July 2016, 21:15:03
Subject: Re: hba_conf hostssl clientcert=1 no longer required in 9.4

From: Tom Lane
Date: 18 July 2016, 20:33:55
Subject: Re: A mess with the BRIN's inclusion strategies

Re: hba_conf hostssl clientcert=1 no longer required in 9.4 - Mailing list pgsql-docs

Previous

Next