This page in other versions: 9.0 / 9.1 / 9.2 / 9.3 / 9.4  |  Development versions: devel  |  Unsupported versions: 8.0 / 8.1 / 8.2 / 8.3 / 8.4

27.13. SSL Support

PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security. See Section 16.8 for details about the server-side SSL functionality.

If the server demands a client certificate, libpq will send the certificate stored in file ~/.postgresql/postgresql.crt within the user's home directory. A matching private key file ~/.postgresql/postgresql.key must also be present, and must not be world-readable. (On Microsoft Windows these files are named %APPDATA%\postgresql\postgresql.crt and %APPDATA%\postgresql\postgresql.key.)

If the file ~/.postgresql/root.crt is present in the user's home directory, libpq will use the certificate list stored therein to verify the server's certificate. (On Microsoft Windows the file is named %APPDATA%\postgresql\root.crt.) The SSL connection will fail if the server does not present a certificate; therefore, to use this feature the server must also have a root.crt file.

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group