> [EMAIL PROTECTED] writes: >> Maybe we need to go even further and add it to the PQconnect API >> sslkey=filename and sslcrt=filename in addition to sslmode? > > If there's a case to be made for this at all, it should be handled the > same way as all other libpq connection parameters. > > regards, tom lane >
Here's the use case: I have an application that must connect to multiple PostgreSQL databases and must use secure communications and the SSL keys are under the control of the business units the administer the databases, not me. In addition my application also communicates with other SSL enabled versions of itself. I think you would agree that a hard coded immutable location for "client" interface is problematic. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
