Ray Stell <ste...@cns.vt.edu> writes: > Someone asked about ssl client cert auth recently. I got > this to work, but something tripped me up.
> http://developer.postgresql.org/pgdocs/postgres/ssl-tcp.html > states (very clearly, btw) that, "To require the client to supply a > trusted certificate, place certificates of the certificate authorities > (CAs) you trust in the file root.crt in the data directory." I had > ASS-U-MEd that root.crt would go in .postgresql as it does for encryption. > This begs the question, why two copies of the same file? The one in ~/.postgresql is for client usage. The one in $PGDATA is for the server's use. There's no reason to assume they'd be the same. regards, tom lane -- Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
