On Wed, Nov 26, 2025 at 09:34:18AM +0000, PG Doc comments form wrote: > The following documentation comment has been logged on the website: > > Page: https://www.postgresql.org/docs/18/runtime-config-connection.html > Description: > > Clarify that ssl_cert_file and ssl_key_file are only read on startup -- > implying that the params can be changed and the files moved to the new > location/name without requiring a restart. Of course a restart is good to > validate that the params and files are configured correctly.
The docs say that you can only change this in postgresql.conf or on the command line. Changes to postgresql.conf requires pg_ctl reload or something similar. I am not aware of anyone else who thinks changing postgresql.conf and then reloading causes the session to use new ssl keys/files, and explaining that in the docs might be more confusing than helpful. -- Bruce Momjian <[email protected]> https://momjian.us EDB https://enterprisedb.com Do not let urgent matters crowd out time for investment in the future.
