On Tue, Mar 28, 2023 at 04:28:24PM +0200, Peter Eisentraut wrote:
> On 23.03.23 14:33, Steve Atkins wrote:
> > A couple of times recently I’ve been chatting with someone about using
> > certificate authentication, and the docs they’ve found on it are the ones
> > in section 21.12 (Client Authentication -> Certificate Authentication).
> >
> > But the useful documentation about how to set it up and use it is in
> > section 19.9.3 (Secure TCP/IP Connections with SSL -> Using Client
> > Certificates), where you’re less likely to find it while thinking about
> > authentication.
> >
> > Should we add a link from the former to the latter?
>
> Sure, some cross-linking between those two sections seems sensible.
Attached is a patch which accomplishes this.
--
Bruce Momjian <[email protected]> https://momjian.us
EDB https://enterprisedb.com
Only you can decide what is important to you.
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index a72f80f033..82bfd25fd1 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -2165,7 +2165,8 @@ host ... radius radiusservers="server1,server2" radiussecrets="""secret one"",""
<para>
This authentication method uses SSL client certificates to perform
- authentication. It is therefore only available for SSL connections.
+ authentication. It is therefore only available for SSL connections;
+ see <xref linkend="ssl-openssl-config"/> for SSL configuration instructions.
When using this authentication method, the server will require that
the client provide a valid, trusted certificate. No password prompt
will be sent to the client. The <literal>cn</literal> (Common Name)
