Re: localhost ssl

> Check out this section:
> 
> https://www.postgresql.org/docs/12/ssl-tcp.html#SSL-CLIENT-CERTIFICATES
> 
> "...  the cn (Common Name) in the certificate matches the user name or 
> an applicable mapping."
> 
> This section spells out what is needed for the various forms of client 
> cert SSL authentication.
> 
>>
>> I have specific roles accessing specific schemas via sql which is not 
>> schema qualified.
>>
> 
> I'm  assuming this is some sort of security. Just wondering if there is 
> provision made for people who know how to do SET search_path or \dn or 
> schema qualify objects?
> 
> 
Honest, I've been reading 18.9 but as you can see it uses CN for host 
and then 20.12 suggests using CN for role.

Yes, I'm confused.  As I said in reply to Jeff, I would rather not need 
to remember to set the search_path, which I can avoid if I login as "role".