SSL instructions simplified

This simplifies the instructions for creating SSL certificates.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
Index: doc/src/sgml/runtime.sgml
===================================================================
RCS file: /cvsroot/pgsql-server/doc/src/sgml/runtime.sgml,v
retrieving revision 1.140
diff -c -c -r1.140 runtime.sgml
*** doc/src/sgml/runtime.sgml    26 Sep 2002 04:41:54 -0000    1.140
--- doc/src/sgml/runtime.sgml    27 Sep 2002 02:02:25 -0000
***************
*** 2862,2868 ****
     self-signed certificate, use the following
     <productname>OpenSSL</productname> command:
  <programlisting>
! openssl req -new -text -out cert.req
  </programlisting>
     Fill out the information that <command>openssl</> asks for. Make sure
     that you enter the local host name as Common Name; the challenge
--- 2862,2869 ----
     self-signed certificate, use the following
     <productname>OpenSSL</productname> command:
  <programlisting>
! cd <replaceable>$PGDATA</replaceable>
! openssl req -new -text -out server.req
  </programlisting>
     Fill out the information that <command>openssl</> asks for. Make sure
     that you enter the local host name as Common Name; the challenge
***************
*** 2871,2884 ****
     than four characters long. To remove the passphrase (as you must if
     you want automatic start-up of the server), run the commands
  <programlisting>
! openssl rsa -in privkey.pem -out cert.pem
  </programlisting>
     Enter the old passphrase to unlock the existing key. Now do
  <programlisting>
! openssl req -x509 -in cert.req -text -key cert.pem -out cert.cert
! chmod og-rwx cert.pem
! cp cert.pem <replaceable>$PGDATA</replaceable>/server.key
! cp cert.cert <replaceable>$PGDATA</replaceable>/server.crt
  </programlisting>
     to turn the certificate into a self-signed certificate and to copy the
     key and certificate to where the server will look for them.
--- 2872,2884 ----
     than four characters long. To remove the passphrase (as you must if
     you want automatic start-up of the server), run the commands
  <programlisting>
! openssl rsa -in privkey.pem -out server.key
! rm privkey.pem
  </programlisting>
     Enter the old passphrase to unlock the existing key. Now do
  <programlisting>
! openssl req -x509 -in server.req -text -key server.key -out server.crt
! chmod og-rwx server.key
  </programlisting>
     to turn the certificate into a self-signed certificate and to copy the
     key and certificate to where the server will look for them.