On Sat, Apr 15, 2017 at 11:17:14AM -0400, Andrew Dunstan wrote:
> On 04/15/2017 09:58 AM, Andrew Dunstan wrote:
> > The instructions on how to create a self-signed certificate in s 18.9.3
> > of the docs seem unduly cumbersome. AFAICT we could replace all the
> > commands (except the chmod) with something like this:
> >
> >     |openssl req -new-x509 -days 365-nodes \ -text -outserver.crt\
> >     -keyout server.key\ -subj "/C=XY/CN=yourdomain.name"|
> >
> > Is there any reason for sticking with the current instructions?
> >
> Argh. Darn Thunderbird. This should of course be:
>     openssl req -new-x509 -days 365-nodes \

I think you meant "-days 365 -nodes" here.

I think the reason we have those cumbersome instructions is that there
is no way to create a non-expireable certificate using simpler

I would like to revisit these instructions, as well as document how to
create intermediate certificates.  I have scripts that do that.

  Bruce Momjian  <br...@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to