| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Jeff Davis <pgsql(at)j-davis(dot)com> |
| Cc: | Andres Freund <andres(at)anarazel(dot)de>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Michael Paquier <michael(at)paquier(dot)xyz>, Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net>, Thomas Munro <thomas(dot)munro(at)gmail(dot)com> |
| Subject: | Re: Support for NSS as a libpq TLS backend |
| Date: | 2021-06-03 17:47:45 |
| Message-ID: | D187206C-B942-484B-AB39-5AD25191D6AB@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 3 Jun 2021, at 19:37, Jeff Davis <pgsql(at)j-davis(dot)com> wrote:
>
> On Tue, 2020-10-27 at 23:39 -0700, Andres Freund wrote:
>> Maybe we should just have --with-ssl={openssl,nss}? That'd avoid
>> needing
>> to check for errors.
>
> [ apologies for the late reply ]
>
> Would it be more proper to call it --with-tls={openssl,nss} ?
Well, we use SSL for everything else (GUCs, connection params and env vars etc)
so I think --with-ssl is sensible.
However, SSL and TLS are used quite interchangeably these days so I think it
makes sense to provide --with-tls as an alias.
--
Daniel Gustafsson https://vmware.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2021-06-03 17:52:41 | Re: SSL SNI |
| Previous Message | Tom Lane | 2021-06-03 17:41:48 | Re: SSL SNI |