Quick Links

Re: SSL and USER_CERT_FILE round 2

From:	Andrew Dunstan <andrew(at)dunslane(dot)net>
To:	pgsql(at)mohawksoft(dot)com
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: SSL and USER_CERT_FILE round 2
Date:	2008-05-15 15:47:50
Message-ID:	482C5B26.6060605@dunslane.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

pgsql(at)mohawksoft(dot)com wrote:
> Adding "sslkey" and "sslcert" to the PQconnectdb connection string.
>
> After some discussion, I think it is more appropriate to add the key/cert
> file for SSL into the connect string. For example:
>
> PQconnectdb("host=foo dbname=bar sslmode=require
> sslkey=/opt/myapp/share/keys/client.key
> sslcert=/opt/myapp/share/keys/client.crt");
>
>
> Any comments?
>
>

I think if you're going to provide for these then you should also
provide for the CA cert and CRL.

Otherwise, it seems sensible.

cheers

andrew

In response to

SSL and USER_CERT_FILE round 2 at 2008-05-15 14:25:09 from pgsql

Responses

Re: SSL and USER_CERT_FILE round 2 at 2008-05-15 15:34:08 from pgsql

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Zdenek Kotala	2008-05-15 15:48:58	Re: bloated heapam.h
Previous Message	pgsql	2008-05-15 15:34:08	Re: SSL and USER_CERT_FILE round 2