| From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
|---|---|
| To: | Jesse Zhang <sbjesse(at)gmail(dot)com> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: SSL SNI |
| Date: | 2021-02-15 19:24:56 |
| Message-ID: | 5bf09acd-fcd8-052a-ae68-a51d7e02c458@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2021-02-15 18:40, Jesse Zhang wrote:
> I imagine this also (finally) opens up the possibility for the server
> to present a different certificate for each hostname based on SNI.
> This eliminates the requirement for wildcard certs where the cluster
> is running on a host with multiple (typically two to three) hostnames
> and the clients check the hostname against SAN in the cert
> (sslmode=verify-full). Am I right? Is that feature on anybody's
> roadmap?
This would be the client side of that. But I don't know of anyone
planning to work on the server side.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Justin Pryzby | 2021-02-15 19:33:41 | Re: CREATE INDEX CONCURRENTLY on partitioned index |
| Previous Message | Anastasia Lubennikova | 2021-02-15 19:07:05 | Re: CREATE INDEX CONCURRENTLY on partitioned index |