Re: no verification of client certificate?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Michael Fuhr <mike(at)fuhr(dot)org>
Cc: Ray Stell <stellr(at)cns(dot)vt(dot)edu>, pgsql-admin(at)postgresql(dot)org
Subject: Re: no verification of client certificate?
Date: 2007-03-26 04:04:21
Message-ID: 3130.1174881861@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin pgsql-docs

Michael Fuhr <mike(at)fuhr(dot)org> writes:
> On Sun, Mar 25, 2007 at 10:01:20PM -0400, Tom Lane wrote:
>> I looked more closely and you are right: if the server does not have
>> a root.crt file then it doesn't send its server cert to the client,
>> and so there's no way for the client to verify the cert.

> Eh? ssldump shows otherwise here with 8.2.3.

Well, if it works then why is the OP complaining?

Perhaps there is some non-obvious configuration issue that accounts
for the difference between your results and his?

regards, tom lane

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Michael Fuhr 2007-03-26 05:21:25 Re: no verification of client certificate?
Previous Message Michael Fuhr 2007-03-26 02:57:13 Re: no verification of client certificate?

Browse pgsql-docs by date

  From Date Subject
Next Message Michael Fuhr 2007-03-26 05:21:25 Re: no verification of client certificate?
Previous Message Michael Fuhr 2007-03-26 02:57:13 Re: no verification of client certificate?