Quick Links

Re: SSL cleanups/hostname verification

From:	Magnus Hagander <magnus(at)hagander(dot)net>
To:	Robert Haas <robertmhaas(at)gmail(dot)com>
Cc:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PG Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: SSL cleanups/hostname verification
Date:	2008-10-20 20:49:58
Message-ID:	48FCEEF6.8000502@hagander.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Robert Haas wrote:
>>> How can you make that the default? Won't it immediately break every
>>> installation without certificates?
>> *all* SSL installations have certificate on the server side. You cannot
>> run without it.
>
> s/without certificates/with self-signed certificates/
>
> which I would guess to be a common configuration

Self-signed still work. In a self-signed scenario, the server
certificate *is* the CA certificate.

//Magnus

In response to

Re: SSL cleanups/hostname verification at 2008-10-20 20:47:58 from Robert Haas

Responses

Re: SSL cleanups/hostname verification at 2008-10-21 08:04:02 from Peter Eisentraut

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Simon Riggs	2008-10-20 20:56:06	Re: [GENERAL] [HACKERS] Hot Standby utility and administrator functions
Previous Message	Alvaro Herrera	2008-10-20 20:49:04	Debian no longer dumps cores?