Skip site navigation (1) Skip section navigation (2)

Re: libpq: system-wide root.crt

From: Magnus Hagander <magnus(at)hagander(dot)net>
To: pgsql-bugs(at)postgresql(dot)org, Stephen Gran <sgran(at)debian(dot)org>, DSA list <debian-admin(at)lists(dot)debian(dot)org>
Subject: Re: libpq: system-wide root.crt
Date: 2010-09-23 06:36:41
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-bugs
On Thu, Aug 19, 2010 at 23:11, Martin Pitt <mpitt(at)debian(dot)org> wrote:
> Hello PostgreSQL developers,
> Martin Pitt [2010-08-17  6:49 +0200]:
>> I received a request to support system-wide root certificates in
>> libpq. Right now it only looks in ~/.postgresql/root.crt, but since
>> such certificates are usually set up system wide and be maintained by
>> the sysadmins, it would be very convenient if there was a fallback
>> lookup in /etc/postgresql/ or similar.
> Patch attached against current git head. I tested it with both the
> default case (new option not specified), as well as with
> --with-ssl-root-cert-dir=/etc/postgresql-common, and confirm that in
> the latter case root.crt gets picked up from
> /etc/postgresql-common/ if it's not in ~/.postgresql/.

I wonder if we want to have a default value for this rather than
disabling it when it's not specified by configure. But is there any
kind of reasonable default that's not going to be
platform/distribution specific?

 Magnus Hagander

In response to


pgsql-bugs by date

Next:From: Robert HaasDate: 2010-09-23 13:24:37
Subject: Re: BUG #5669: server process was terminated by exception 0xC0000005
Previous:From: TamilSelvam MDate: 2010-09-23 06:08:05
Subject: Postgresql installation on P2020 board

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group