| From: | Kris Jurka <books(at)ejurka(dot)com> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | pgsql-jdbc(at)postgresql(dot)org |
| Subject: | Re: JDBC and certificates |
| Date: | 2008-11-13 20:55:21 |
| Message-ID: | Pine.BSO.4.64.0811131551130.11691@leary.csoft.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-jdbc |
On Thu, 13 Nov 2008, Magnus Hagander wrote:
> 1) It is my understanding that the JDBC driver will do certificate
> validation of the servers certificate by default. Can someone confirm
> this?
Yes, by default the server cert is validated. An option is provided to
not validate it if desired. [1]
> 2) Does the JDBC driver support client certificates, and if so, how?
> This *should* require no changes to work with the client certificate
> authentication method I'm hoping to get into 8.4, but it would be good
> to test that :-) And if it's not supported now, how much work would it
> be to add support for it?
>
Currently client certificates are not supported. Two patches have been
posted to make this work [2], but I haven't really looked at either of
them.
Kris Jurka
[1] http://jdbc.postgresql.org/documentation/83/ssl-client.html#nonvalidating
[2] http://pgfoundry.org/tracker/index.php?func=detail&aid=1010293&group_id=1000224&atid=856
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vic Simkus | 2008-11-13 21:01:50 | Re: JDBC and certificates |
| Previous Message | Magnus Hagander | 2008-11-13 12:38:29 | JDBC and certificates |