> On 23 Jun 2023, at 22:10, Cary Huang <cary.hu...@highgo.ca> wrote:
>> Off the cuff that doesn't seem like a bad idea, but I wonder if we should add >> them to pg_stat_ssl (or both) instead if we deem them valuable? > > I think the same information should be available to pg_stat_ssl as well. > pg_stat_ssl can show the client certificate information for all connecting > clients, having it to show not_before and not_after timestamps of every > client are important in my opinion. The attached patch > "v2-0002-pg-stat-ssl-add-notbefore-and-notafter-timestamps.patch" adds this > support This needs to adjust the tests in src/test/ssl which now fails due to SELECT * returning a row which doesn't match what the test was coded for. >> Re the patch, it would be nice to move the logic in ssl_client_get_notafter >> and >> the _notbefore counterpart to a static function since they are copies of >> eachother. > > Yes agreed. I have made the adjustment attached as > "v2-0001-sslinfo-add-notbefore-and-notafter-timestamps.patch" The new patchset isn't updating contrib/sslinfo/meson with the 1.3 update so it fails to build with Meson. -- Daniel Gustafsson
