database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-04-24 10:47:04 +03:00
Code

Update SSL description for when SSL root.crt/server.crt is required;

Browse Source 
add link to libpq SSL does from server docs.

Backpatch to 8.2.X.
This commit is contained in:
Bruce Momjian 2007-03-30 03:19:02 +00:00
parent 8875d0987d
commit 2ebfe9a818
2 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/src/sgml/libpq.sgml
View File

@ -1,4 +1,4 @@
<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.234 2007/02/20 19:35:17 momjian Exp $ --> <!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.235 2007/03/30 03:19:02 momjian Exp $ -->
<chapter id="libpq"> <chapter id="libpq">
<title><application>libpq</application> - C Library</title> <title><application>libpq</application> - C Library</title>
@ -4501,7 +4501,7 @@ ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?one?(cn=mydatabase)
<filename>%APPDATA%\postgresql\root.crt</filename>.) <filename>%APPDATA%\postgresql\root.crt</filename>.)
The SSL connection will The SSL connection will
fail if the server does not present a certificate; therefore, to fail if the server does not present a certificate; therefore, to
use this feature the server must also have a <filename>root.crt</> file. use this feature the server must have a <filename>server.crt</> file.
Certificate Revocation List (CRL) entries are also checked if the file Certificate Revocation List (CRL) entries are also checked if the file
<filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename> <filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename>
on Microsoft Windows). on Microsoft Windows).

11
doc/src/sgml/runtime.sgml
View File

@ -1,4 +1,4 @@
<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.380 2007/03/06 09:59:22 petere Exp $ --> <!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.381 2007/03/30 03:19:02 momjian Exp $ -->
<chapter Id="runtime"> <chapter Id="runtime">
<title>Operating System Environment</title> <title>Operating System Environment</title>
@ -1574,10 +1574,11 @@ chmod og-rwx server.key
certificates of the <acronym>CA</acronym>(s) you wish to check for in certificates of the <acronym>CA</acronym>(s) you wish to check for in
the file <filename>root.crt</filename> in the data directory. When the file <filename>root.crt</filename> in the data directory. When
present, a client certificate will be requested from the client present, a client certificate will be requested from the client
during SSL connection startup, and it must have been signed by one of the during SSL connection startup, and it must have been signed by one of
certificates present in <filename>root.crt</filename>. Certificate the certificates present in <filename>root.crt</filename>. (See <xref
Revocation List (CRL) entries are also checked if the file linkend="libpq-ssl"> for a description of how to set up client
<filename>root.crl</filename> exists. certificates.) Certificate Revocation List (CRL) entries are also
checked if the file <filename>root.crl</filename> exists.
</para> </para>
<para> <para>