Re: Support for hardware tokens for server/replication private key
| От | Magnus Hagander |
|---|---|
| Тема | Re: Support for hardware tokens for server/replication private key |
| Дата | |
| Msg-id | CABUevEzw1paQWd8nbbz+G=WPhdR1fWKZwxnWV=MOOomxD3m=1Q@mail.gmail.com обсуждение исходный текст |
| Ответ на | Support for hardware tokens for server/replication private key (mdaswani <md@quintessencelabs.com>) |
| Ответы |
Re: Support for hardware tokens for server/replication private key
|
| Список | pgsql-general |
On Thu, Dec 3, 2015 at 5:31 AM, mdaswani <md@quintessencelabs.com> wrote:
Hi,
Postgres allows client-side SSL requests to use secret keys on hardware
tokens via OpenSSL engine support. Is there an equivalent way to store the
server key on a hardware token.
Similarly, is it possible to specify private keys on a hardware token for
replication connections? Does the sslkey parameter of the primary_conninfo
string in the recovery.conf file accept an OpenSSL Engine token key?
While I haven't tested it and haven't heard of anybody else who has, it should work. From a libpq perspective ,the replication standby is "just another client", so any parameters that work for libpq should work there.
В списке pgsql-general по дате отправления: