| From: | Christoph Moench-Tegeder <cmt(at)burggraben(dot)net> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: SSL certificate location |
| Date: | 2016-04-17 21:32:03 |
| Message-ID: | 20160417213202.GA59436@elch.exwg.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
## Terence Ferraro (terencejferraro(at)gmail(dot)com):
> At the moment, if a user has multiple applications on a single machine
> connecting with different SSL certificates, each process must be launched
> by a different logical user and the certificates placed within that user's
> home directory (and this is just for *nix, forget about Windows). The
> current method is not scalable, either.
That is incorrect.
http://www.postgresql.org/docs/current/static/libpq-ssl.html
http://www.postgresql.org/docs/current/static/libpq-connect.html#LIBPQ-PARAMKEYWORDS
http://www.postgresql.org/docs/current/static/libpq-envars.html
Connection parameters are "sslcert" and "sslkey", environment variables
"PGSSLCERT" and "PGSSLKEY".
You can also specify parameters in your .pg_service.conf.
Regards,
Christoph
--
Spare Space
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2016-04-17 22:15:26 | Re: snapshot too old, configured by time |
| Previous Message | Terence Ferraro | 2016-04-17 20:45:28 | SSL certificate location |