On 2021-09-10, Jeremy Harris via Exim-users <[email protected]> wrote: > On 10/09/2021 09:13, Jeremy Harris via Exim-users wrote: >> On 10/09/2021 01:31, Patrick via Exim-users wrote: >>> Before I spend too much time trying to figure this out, is it possible to >>> configure my PostgreSQL connection to use passwordless certificate based >>> authentication? >> >> Nope. We're using what seems to be an older API for the client-connection >> which does not support SSL. A wishlist-level bug would be appropriate. > > Actually, reading the Postgres docs further, there's a faint hope. > Try something like: > > pgsql_servers = "host=192.168.45.16 sslcert=client.crt sslkey=client.key > sslmode=verify-ca sslrootcert=root.crt/exim/thepguser/" > > (We're still using the older API, but it appears to have a forward-compat > feature. This might be pgsql-library version dependent; I'm looking > at the 8.3 docs)
As I unserstand it the old libpq connect call naively massages its parameters to match the new connection string interface, so it's preactical to inject connection parameters using the database-name field -- Jasen. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
