On Thu, Aug 28, 2014 at 3:20 AM, Robert Haas <robertmhaas@gmail.com> wrote:
> On Wed, Aug 27, 2014 at 6:40 AM, Magnus Hagander <magnus@hagander.net> wrote:
>> On Wed, Aug 27, 2014 at 11:56 AM, Alexey Klyukin <alexk@hintbits.com> wrote:
>>> Greetings,
>>>
>>> Is there a strong reason to disallow reloading server key and cert files
>>> during the PostgreSQL reload?
>>
>> Key and cert files are loaded in the postmaster. We'd need to change
>> that.
>
> Why?
Hmm. That's actually a good point. Not sure I have an excuse. They
could certainly be made BACKEND without that, and there's no way to
change it within a running backend *anyway*, since we cannot turn
on/off SSL once a connection has been made. So yeah, it can actually
still be loaded in postmaster, and I withdraw that argument :)
-- Magnus HaganderMe: http://www.hagander.net/Work: http://www.redpill-linpro.com/