| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | John R Pierce <pierce(at)hogranch(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org, chiru r <chirupg(at)gmail(dot)com> |
| Subject: | Re: OpeSSL - PostgreSQL |
| Date: | 2017-11-09 22:26:16 |
| Message-ID: | 18856.1510266376@sss.pgh.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
John R Pierce <pierce(at)hogranch(dot)com> writes:
> On 11/9/2017 1:59 PM, chiru r wrote:
>> How to configure the PostgreSQL to allow specif cipher suites from
>> different client applications?
> see https://www.postgresql.org/docs/9.5/static/ssl-tcp.html
Note that while you can adjust ssl_ciphers, it's a postmaster-wide
setting; there is not a provision for letting it be set per-user.
Since the SSL handshake necessarily occurs before we find out which
user is trying to connect, it'd be hard to do differently.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2017-11-09 22:46:13 | Re: [HACKERS] OpeSSL - PostgreSQL |
| Previous Message | John R Pierce | 2017-11-09 22:06:24 | Re: OpeSSL - PostgreSQL |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2017-11-09 22:46:13 | Re: [HACKERS] OpeSSL - PostgreSQL |
| Previous Message | Andres Freund | 2017-11-09 22:24:31 | Re: [COMMITTERS] pgsql: Fix freezing of a dead HOT-updated tuple |