On 01/04/2017 03:48 PM, Magnus Hagander wrote:
On Wed, Jan 4, 2017 at 3:47 PM, Tom Lane <t...@sss.pgh.pa.us
    It does not; what would be the point, if the key would be lost at

If we lost it, yes. But we could keep the old key around if it hasn't
changed, thus behave just like we did in <= 9.6.

That means storing the pass phrase in the memory of the postmaster, which does not sound like a terribly good idea to me, but I have never used keys with pass phrases for daemons so it might be a common solution which is acceptable by many.

    If any of those number of people want to step up and design/implement
    a non-broken solution for passphrases, that'd be fine with me.  But
    I would want to see something that's actually a credible solution,
    allowing the postmaster to be started as a normal daemon.  And working
    on Windows.

Well, for all those people 9.6 worked significantly better... Because
they could reload *other* config parameters without failure.

A possible solution might be to only add the error throwing hook when loading certificates during SIGHUP (and at Windows) and to work as before on startup. Would that be an acceptable solution? I could write a patch for this if people are interested.


Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to