Ray Stell <stellr(at)cns(dot)vt(dot)edu> writes:
> I was hoping to not have to support client certs. I want
> encryption and to verify the server, but no to verify the client.
> Does this work and I've got the config wrong?
Maybe I misunderstand what you want --- doesn't leaving out the
server's root.crt file do that?
regards, tom lane