Re: Successor of MD5 authentication, let's use SCRAM

John R Pierce wrote:
> On 10/12/12 9:00 PM, Darren Duncan wrote:
>> And now we're migrating to Red Hat for the production launch, using 
>> the http://www.postgresql.org/download/linux/redhat/ packages for 
>> Postgres 9.1, and these do *not* include the SSL. 
> 
> hmm?  I'm using the 9.1 for CentOS 6(RHEL 6) and libpq.so certainly has 
> libssl3.so, etc as references.  ditto the postmaster/postgres main 
> program has libssl3.so too.   maybe your certificate chains don't come 
> pre-built, I dunno, I haven't dealt with that end of things.

Okay, I'll have to look into that.  All I know is out of the box SSL just worked 
on Debian and it didn't on Red Hat; trying to enable SSL on out of the box 
Postgres on Red Hat gave a fatal error on server start, at the very least 
needing the installation of SSL keys/certs, which I didn't have to do on Debian. 
-- Darren Duncan