| From: | Craig Ringer <craig(at)postnewspapers(dot)com(dot)au> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-bugs <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request |
| Date: | 2010-05-27 02:55:09 |
| Message-ID: | 4BFDDF0D.2010806@postnewspapers.com.au |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On 27/05/10 10:05, Tom Lane wrote:
> Craig Ringer<craig(at)postnewspapers(dot)com(dot)au> writes:
>> See the self-contained test case here:
>> http://www.postnewspapers.com.au/~craig/testcase.zip
>
> Thanks for posting that; it makes it a lot easier to experiment with the
> behavior of the Java software stack.
>
> I've applied your patch along with some hacking on libpq. As far as
> I can tell, things now work nicely with chained certificates on either
> end, but it could definitely do with more testing if you have time to
> poke at CVS HEAD.
Thanks for that. I'll pull git, rebuild and re-test.
Handily this has got me running on HEAD builds for my testing/dev, so
I'll be able to set up with SR/HS and integrate that into my regular app
testing and development.
Sorry for getting grumpy, BTW. I was having a hard time explaining what
I was on about.
--
Craig Ringer
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig Ringer | 2010-05-27 02:56:37 | Re: BUG #5245: Full Server Certificate Chain Not Sent to client |
| Previous Message | Tom Lane | 2010-05-27 02:05:03 | Re: BUG #5468: Pg doesn't send accepted root CA list to client during SSL client cert request |