Re: Postgresql and SSL
| От | Jorge Godoy |
|---|---|
| Тема | Re: Postgresql and SSL |
| Дата | |
| Msg-id | 200709202120.07364.jgodoy@gmail.com обсуждение исходный текст |
| Ответ на | Re: Postgresql and SSL (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: Postgresql and SSL
|
| Список | pgsql-general |
On Thursday 20 September 2007 11:41:00 Tom Lane wrote: > "Albe Laurenz" <laurenz.albe@wien.gv.at> writes: > > Jorge Godoy wrote: > >> Even though one can require connections using only SSL on the > >> server side, I don't see a method (in pg_hba.conf) that > >> would allow clients with SSL certificates. > > > > Nor do I. > > If you mean *require* clients to have certificates, that's not > determined by pg_hba.conf, it's determined by whether you provide > a root.crt file. See > http://www.postgresql.org/docs/8.2/static/ssl-tcp.html Thank you! Complemented with http://www.postgresql.org/docs/8.2/static/libpq-ssl.html this is exactly what we were guessing the OP asked for... I'll have to dig if the libraries I use support that. It would be much more interesting changing certificates once a year than hardcoding passwords on code... -- Jorge Godoy <jgodoy@gmail.com>
В списке pgsql-general по дате отправления: