| From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
|---|---|
| To: | harpagornis <shenlong(at)runbox(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: SSL Certificates in Windows 7 & Postgres 9.3 |
| Date: | 2014-12-18 18:48:54 |
| Message-ID: | 54932196.5050801@aklaver.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 12/17/2014 10:14 PM, harpagornis wrote:
> I am developing a Windows desktop application so the client is the desktop
> application. Depending on the installation, the app will be running in
> single user mode, with the server and client both on only one machine, using
> 127.0.0.1. In that type of installation, there is little or no reason the
> server and the client cannot share configuration files. Alternatively, the
> app could be installed for multiple users on a network server. Even in that
> type of installation, is there some reason that the client should never
> access server configuration files?
Yes, security. In any case for what you are trying to do the server
configuration is not something the client has to fool with.
>
> Regarding the search_path, when I connected with psql and certificates, I
> was only able to do so after I copied the certificates and keys into the
> Postgres folder located in the Roaming folder, located in the AppData
> folder, located in my Windows User name folder, located in the Windows
> system Users folder. I thought I read somewhere that particular folder
> derives from the search_path setting.
>
It is important to remember that SSL is not provided by Postgres, it
just has the ability to use SSL to make a connection. So it just
piggybacks on an existing program. In doing that it makes certain
assumptions to start with.
For server side:
http://www.postgresql.org/docs/9.3/static/ssl-tcp.html
For libpq clients:
http://www.postgresql.org/docs/9.3/static/libpq-ssl.html
Important the above is for libpq based clients such as psql. I am not
sure how non-libpq clients such as the Postgres JDBC client handle this.
The beginning assumptions can be modified by setting environment
variables(again this is for libpq clients):
http://www.postgresql.org/docs/9.3/static/libpq-envars.html
or the postgresql.conf
For information on what search_path really does see:
http://www.postgresql.org/docs/9.3/static/runtime-config-client.html
>
>
>
> --
> View this message in context: http://postgresql.nabble.com/SSL-Certificates-in-Windows-7-Postgres-9-3-tp5830749p5831232.html
> Sent from the PostgreSQL - general mailing list archive at Nabble.com.
>
>
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | harpagornis | 2014-12-18 18:56:31 | Re: SSL Certificates in Windows 7 & Postgres 9.3 |
| Previous Message | Mike Blackwell | 2014-12-18 18:16:24 | pl/pgsql trigger function - compare *most* columns in NEW vs. OLD |