Re: SSL Support

From: Kaare Rasmussen <kar(at)kakidata(dot)dk>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: SSL Support
Date: 2004-09-21 08:44:22
Message-ID: 200409211044.22690.kar@kakidata.dk
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Hi

> I think verification of the server certificates is not supported either.
> SSL only serves for encryption, not authentication or integrity checking
> (which is probably a stupid idea).

I have this feeling that SSL in PostgreSQL isn't category 1 supported if you
can put it that way. Maybe I'm wrong?

Another way to ensure encrypted (and authenticated, I believe) connections is
to use stunnel with PostgreSQL.

I'm not sure which solution is the best. SSL in PostgreSQL is integrated.
Stunnel has the advantage of being more generic. having tried none, I don't
know about performance.

--
Kaare Rasmussen --Linux, spil,-- Tlf: 3816 2582
Kaki Data tshirts, merchandize Fax: 3816 2501
Nordre Fasanvej 12 Åben 12.00-18.00 Email: kar(at)kakidata(dot)dk
2000 Frederiksberg Lørdag 12.00-16.00 Web: www.suse.dk

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Michael Paesold 2004-09-21 09:04:41 Re: Disabling bgwriter on my notebook
Previous Message Peter Eisentraut 2004-09-21 08:17:51 Re: SSL Support