Skip to content

Commit 2ebfe9a

Browse files
bmomjianbmomjian
committed
Update SSL description for when SSL root.crt/server.crt is required;
add link to libpq SSL does from server docs. Backpatch to 8.2.X.
1 parent 8875d09 commit 2ebfe9a

File tree

2 files changed

+8
-7
lines changed

2 files changed

+8
-7
lines changed

doc/src/sgml/libpq.sgml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.234 2007/02/20 19:35:17 momjian Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.235 2007/03/30 03:19:02 momjian Exp $ -->
22

33
<chapter id="libpq">
44
<title><application>libpq</application> - C Library</title>
@@ -4501,7 +4501,7 @@ ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?one?(cn=mydatabase)
45014501
<filename>%APPDATA%\postgresql\root.crt</filename>.)
45024502
The SSL connection will
45034503
fail if the server does not present a certificate; therefore, to
4504-
use this feature the server must also have a <filename>root.crt</> file.
4504+
use this feature the server must have a <filename>server.crt</> file.
45054505
Certificate Revocation List (CRL) entries are also checked if the file
45064506
<filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename>
45074507
on Microsoft Windows).

doc/src/sgml/runtime.sgml

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.380 2007/03/06 09:59:22 petere Exp $ -->
1+
<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.381 2007/03/30 03:19:02 momjian Exp $ -->
22

33
<chapter Id="runtime">
44
<title>Operating System Environment</title>
@@ -1574,10 +1574,11 @@ chmod og-rwx server.key
15741574
certificates of the <acronym>CA</acronym>(s) you wish to check for in
15751575
the file <filename>root.crt</filename> in the data directory. When
15761576
present, a client certificate will be requested from the client
1577-
during SSL connection startup, and it must have been signed by one of the
1578-
certificates present in <filename>root.crt</filename>. Certificate
1579-
Revocation List (CRL) entries are also checked if the file
1580-
<filename>root.crl</filename> exists.
1577+
during SSL connection startup, and it must have been signed by one of
1578+
the certificates present in <filename>root.crt</filename>. (See <xref
1579+
linkend="libpq-ssl"> for a description of how to set up client
1580+
certificates.) Certificate Revocation List (CRL) entries are also
1581+
checked if the file <filename>root.crl</filename> exists.
15811582
</para>
15821583

15831584
<para>

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy