Re: JDBC and certificates

Magnus Hagander wrote:
> Hi!
>
> As I'm sure some of you have seen, I've been overhauling the SSL stuff
> in libpq for 8.4, and also added some new server functions.
>
> I'd like to verify, well before the release, where the JDBC driver
> stands on these same issues, and try to make sure we have a common
> standpoint to dealing with this. Now, I don't actually use the JDBC
> driver myself - not a java guy - so pardon me for just asking these
> questions straight out even if it should be obvious :)
>
> 1) It is my understanding that the JDBC driver will do certificate
> validation of the servers certificate by default. Can someone confirm this?
>
> 2) Does the JDBC driver support client certificates, and if so, how?
> This *should* require no changes to work with the client certificate
> authentication method I'm hoping to get into 8.4, but it would be good
> to test that :-) And if it's not supported now, how much work would it
> be to add support for it?
>
>
<snip>

Hello

If you configure the standard Java SSL it will work - no patches
necessary. We're using it in production here. You have to setup the
server to require client certs.

See here for setting up Java SSL stuffs.
http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html

--
Vic Simkus

Department of Neurology, UIC
912 South Wood St.
Room 855N
Chicago IL 60612