On 12/02/2013 03:44 PM, Tom Lane wrote:
Bruce Momjian <br...@momjian.us> writes:
Let me ask a simple question --- can
you put only the client cert on the client (postgresql.crt) and only the
root cert on the server (root.crt), and will it work?
Yes, that's surely always worked.


Not if the client has been signed by an intermediate CA, surely. Either the server must have the intermediate CA cert in its root.crt or the client must supply it along with the end cert.

cheers


--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to