Skip site navigation (1) Skip section navigation (2)

Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: Martin Pitt <mpitt(at)debian(dot)org>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt
Date: 2009-04-10 17:38:56
Message-ID: 26390.1239385136@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
Magnus Hagander <magnus(at)hagander(dot)net> writes:
> Tom Lane wrote:
>> In the first place, I have never seen such a prompt, despite the fact
>> that I use ssh constantly to connect to machines that I know do not have
>> properly signed certificates.

> *really*? Here's what I get as an example (after removing the trust):

> ha(at)mha-laptop:~/.ssh$ ssh cvs.postgresql.org
> The authenticity of host 'cvs.postgresql.org (217.196.146.206)' can't be
> established.
> DSA key fingerprint is 54:27:10:f3:48:0a:f0:b6:c3:14:79:7e:49:c0:75:f3.
> Are you sure you want to continue connecting (yes/no)? ^C

This simply tells you that the machine has a new key since last time you
talked to it.  It doesn't have anything to do with whether the machine's
cert has been signed by anybody.  It also doesn't prevent you from
operating without a root.crt file of your own.

			regards, tom lane

In response to

Responses

pgsql-bugs by date

Next:From: Magnus HaganderDate: 2009-04-10 17:56:14
Subject: Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt
Previous:From: Magnus HaganderDate: 2009-04-10 17:34:59
Subject: Re: libpq 8.4 beta1: $PGHOST complains about missing root.crt

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group