| From: | "Jonathan Gonzalez V(dot)" <jonathan(dot)abdiel(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Make PGOAUTHCAFILE in libpq-oauth work out of debug mode |
| Date: | 2025-10-29 19:19:49 |
| Message-ID: | 16a91d02795cb991963326a902afa764e4d721db.camel@gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
While working on a validator for keycloak[1] with libpq-oauth I find
out that to allow a self-signed certificated I had to set the CA on the
client but for this was required to also set the PGOAUTHDEBUG=UNSAFE
which generated a lot of information on the client side that I didn't
need for my testing and work.
This patch basically remove the need of setting the PGOAUTHDEBUG=UNSAFE
to be able to use PGOAUTHCAFILE.
I'm not sure if where I put the documentation is the right place, I
would like to have some opinions on that matter too.
[1] https://github.com/cloudnative-pg/postgres-keycloak-oauth-validator
--
Jonathan Gonzalez V. <jonathan(dot)abdiel(at)gmail(dot)com>
| Attachment | Content-Type | Size |
|---|---|---|
| v1-0001-libpq-oauth-allow-changing-the-CA-when-not-in-deb.patch | text/x-patch | 3.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Masahiko Sawada | 2025-10-29 19:26:19 | Re: POC: enable logical decoding when wal_level = 'replica' without a server restart |
| Previous Message | Robert Haas | 2025-10-29 18:55:21 | Re: apply_scanjoin_target_to_paths and partitionwise join |