| From: | "Gunnar \"Nick\" Bluth" <gunnar(dot)bluth(dot)extern(at)elster(dot)de> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: pg_hba.conf and hostssl all all 999.999.999.0/24 cert and use of letsencrypt.org software |
| Date: | 2017-01-30 08:20:29 |
| Message-ID: | 7e322d81-b7ad-b484-d84d-a1a9c01fa94d@elster.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Am 01/25/2017 um 02:45 PM schrieb Poul Kristensen:
>
> Hi!
Hi Poul,
> Does anyone know if letsencrypt can be used to authenticate host(client)
> to host (PostgreSQL)?
> The goal is to let the client authenticate againts the certificate
> registered
> in an openLDAP and use letsencrypt.org <http://letsencrypt.org> software.
> The PostgreSQL host is going to run the openLDAP too.
>
> Have anyone tried this?
I'm wondering if you really thought this through... why would you want
to rely on a (rather trustworthy, but alas!) CA to manage your
certificates when you can use your own (google "easyrsa") CA without any
significant hassle?
But maybe I'm missing something ;-)
Cheers,
--
Gunnar "Nick" Bluth
DBA ELSTER
Tel: +49 911/991-4665
Mobil: +49 172/8853339
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2017-01-30 08:32:11 | Re: pg_hba.conf and hostssl all all 999.999.999.0/24 cert and use of letsencrypt.org software |
| Previous Message | John Scalia | 2017-01-27 17:47:50 | Re: Configuring LDAP in the pg_hba.conf file |