database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-08 11:42:09 +03:00
Code Activity

This patch attempts to note the use of the root.crt file in the server.

Browse Source 
Given that PostgreSQL will output a message complaining about it's
absence if you're using SSL mode, I feel it's important that it gets a
mention in the documentation at some point.

Dominic Mitchell
This commit is contained in:
Bruce Momjian
2004-09-23 13:16:02 +00:00
parent 505d9be3e6
commit 31ae87c332
2 changed files with 25 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
doc/src/sgml/runtime.sgml
View File

@ -1,5 +1,5 @@
<!-- <!--
$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.282 2004/09/22 03:55:24 neilc Exp $ $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.283 2004/09/23 13:15:57 momjian Exp $
--> -->
<Chapter Id="runtime"> <Chapter Id="runtime">
@ -4358,6 +4358,24 @@ chmod og-rwx server.key
to turn the certificate into a self-signed certificate and to copy the to turn the certificate into a self-signed certificate and to copy the
key and certificate to where the server will look for them. key and certificate to where the server will look for them.
</para> </para>
<para>
If verification of client certificates is required, place the
certificates of the <acronym>CA</acronym> you wish to check for in
the file <filename>root.crt</filename> in the data directory. When
present, a client certificate will be requested from the client
making the connection and it must have been signed by one of the
certificates present in <filename>root.crt</filename>. If no
certificate is presented, the connection will be allowed to proceed
anway.
</para>
<para>
The <filename>root.crt</filename> file is always checked for, and
its absence will be noted through a message in the log. This is
merely an informative message that client certificates will not be
requested.
</para>
</sect1> </sect1>
<sect1 id="ssh-tunnels"> <sect1 id="ssh-tunnels">

9
src/include/c.h
View File

@ -12,7 +12,7 @@
* Portions Copyright (c) 1996-2004, PostgreSQL Global Development Group * Portions Copyright (c) 1996-2004, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California * Portions Copyright (c) 1994, Regents of the University of California
* *
* $PostgreSQL: pgsql/src/include/c.h,v 1.172 2004/09/16 16:58:38 tgl Exp $ * $PostgreSQL: pgsql/src/include/c.h,v 1.173 2004/09/23 13:16:02 momjian Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -75,10 +75,13 @@
#include <SupportDefs.h> #include <SupportDefs.h>
#endif #endif
#if (defined(WIN32) || defined(__CYGWIN__)) && \ #if defined(WIN32) || defined(__CYGWIN__)
!defined(_MSC_VER) && !defined(__BORLANDC__) #if !defined(_MSC_VER) && !defined(__BORLANDC__)
/* We have to redefine some system functions after they are included above */ /* We have to redefine some system functions after they are included above */
#include "pg_config_os.h" #include "pg_config_os.h"
#else
#include <windows.h> /* We don't have a port file for MSC/BCC */
#endif
#endif #endif
/* Must be before gettext() games below */ /* Must be before gettext() games below */