Skip to content

P
Postgres FD Implementation
Commit 2ebfe9a8 authored by Bruce Momjian's avatar Bruce Momjian
Browse files
Options

Update SSL description for when SSL root.crt/server.crt is required; 

add link to libpq SSL does from server docs.

Backpatch to 8.2.X.
parent 8875d098
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 7 deletions
doc/src/sgml/libpq.sgml
View file @ 2ebfe9a8
<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.234 2007/02/20 19:35:17 momjian Exp $ --> <!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.235 2007/03/30 03:19:02 momjian Exp $ -->
<chapter id="libpq"> <chapter id="libpq">
<title><application>libpq</application> - C Library</title> <title><application>libpq</application> - C Library</title>
...@@ -4501,7 +4501,7 @@ ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?one?(cn=mydatabase) ...@@ -4501,7 +4501,7 @@ ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?one?(cn=mydatabase)
<filename>%APPDATA%\postgresql\root.crt</filename>.) <filename>%APPDATA%\postgresql\root.crt</filename>.)
The SSL connection will The SSL connection will
fail if the server does not present a certificate; therefore, to fail if the server does not present a certificate; therefore, to
use this feature the server must also have a <filename>root.crt</> file. use this feature the server must have a <filename>server.crt</> file.
Certificate Revocation List (CRL) entries are also checked if the file Certificate Revocation List (CRL) entries are also checked if the file
<filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename> <filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename>
on Microsoft Windows). on Microsoft Windows).
......
doc/src/sgml/runtime.sgml
View file @ 2ebfe9a8
<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.380 2007/03/06 09:59:22 petere Exp $ --> <!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.381 2007/03/30 03:19:02 momjian Exp $ -->
<chapter Id="runtime"> <chapter Id="runtime">
<title>Operating System Environment</title> <title>Operating System Environment</title>
...@@ -1574,10 +1574,11 @@ chmod og-rwx server.key ...@@ -1574,10 +1574,11 @@ chmod og-rwx server.key
certificates of the <acronym>CA</acronym>(s) you wish to check for in certificates of the <acronym>CA</acronym>(s) you wish to check for in
the file <filename>root.crt</filename> in the data directory. When the file <filename>root.crt</filename> in the data directory. When
present, a client certificate will be requested from the client present, a client certificate will be requested from the client
during SSL connection startup, and it must have been signed by one of the during SSL connection startup, and it must have been signed by one of
certificates present in <filename>root.crt</filename>. Certificate the certificates present in <filename>root.crt</filename>. (See <xref
Revocation List (CRL) entries are also checked if the file linkend="libpq-ssl"> for a description of how to set up client
<filename>root.crl</filename> exists. certificates.) Certificate Revocation List (CRL) entries are also
checked if the file <filename>root.crl</filename> exists.
</para> </para>
<para> <para>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment