Skip site navigation (1) Skip section navigation (2)

Re: Patch to support SSL certificate connections

From: Guillaume Lelarge <guillaume(at)lelarge(dot)info>
To: Dave Page <dpage(at)pgadmin(dot)org>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, pgadmin-hackers(at)postgresql(dot)org
Subject: Re: Patch to support SSL certificate connections
Date: 2011-01-28 18:24:36
Message-ID: 4D4309E4.8000208@lelarge.info (view raw or flat)
Thread:
Lists: pgadmin-hackers
Le 28/01/2011 09:37, Guillaume Lelarge a écrit :
> Le 28/01/2011 09:21, Dave Page a écrit :
>> On Fri, Jan 28, 2011 at 7:25 AM, Guillaume Lelarge
>> <guillaume(at)lelarge(dot)info> wrote:
>>> Le 28/01/2011 02:11, Dave Page a écrit :
>>>> On Thu, Jan 27, 2011 at 9:56 PM, Guillaume Lelarge
>>>> <guillaume(at)lelarge(dot)info> wrote:
>>>>> Le 22/01/2011 01:34, Guillaume Lelarge a écrit :
>>>>>> Le 21/01/2011 10:17, Magnus Hagander a écrit :
>>>>>>> On Thu, Jan 20, 2011 at 23:08, Guillaume Lelarge <guillaume(at)lelarge(dot)info> wrote:
>>>>>>>> Le 19/01/2011 00:35, Guillaume Lelarge a écrit :
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> This patch adds support to specify SSL certificate files and to connect
>>>>>>>>> according to those.
>>>>>>>>>
>>>>>>>>> It's pretty straightforward: four file pickers to handle on dlgServer,
>>>>>>>>> and changes in the connection code to add those parameters in the
>>>>>>>>> connection string.
>>>>>>>>>
>>>>>>>>
>>>>>>>> A screenshot attached so that you can see the UI without building pgAdmin :)
>>>>>>>>
>>>>>>>> Comments?
>>>>>>>
>>>>>>> I would move root cert up before the others. Also CRL.
>>>>>>>
>>>>>>> Root cert and CRL are about validating the *server* certificate. Key
>>>>>>> and cert file are about SSL authentication of the *client* (thus
>>>>>>> *client* certificates). They should definitely be in that order -
>>>>>>> perhaps even grouped with a headline?
>>>>>>>
>>>>>>
>>>>>> Done for moving widgets. Not sure grouped widgets could make sense here.
>>>>>>
>>>>>
>>>>> Here is what I finally managed to do. Comments?
>>>>
>>>> Why the change from the standard layout used everywhere else?
>>>>
>>>
>>> Because Magnus asked for that kind of design? (grouped with a headline)
>>
>> He suggested it, but that doesn't mean it has to be done. If we're
>> going to break the property dialog design guidelines and start laying
>> things out in new formats we need to be *really* careful to avoid
>> getting in an inconsistent mess.
>>
> 
> Yeah, I know. And "grouped with a headline" doesn't mean we have to use
> a wxStaticBoxSizer. Anyway, reading your comments and Ashesh's comments,
> I will drop the wxStaticBoxSizer and everyone will be happy:
> 
> * no strange issue on MacOSX for Ashesh
> * no weird design for you
> * but still first server certificate and then client certificate for Magnus.
> 
> Will try to work on this today.
> 

What about this one?


-- 
Guillaume
 http://www.postgresql.fr
 http://dalibo.com

Attachment: sslfiles_v3.png
Description: image/png (33.6 KB) (inlined above)

In response to

Responses

pgadmin-hackers by date

Next:From: Dave PageDate: 2011-01-28 18:39:42
Subject: Re: Patch to support SSL certificate connections
Previous:From: Nikhil SDate: 2011-01-28 09:18:42
Subject: pgAdmin III: crash when trying to save edited pg_hba.conf

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group