Received: from localhost (postgresql.org [64.49.215.8]) by postgresql.org (Postfix) with ESMTP id C5CFC476439 for ; Mon, 23 Sep 2002 20:27:09 -0400 (EDT) Received: from candle.pha.pa.us (momjian.navpoint.com [207.106.42.251]) by postgresql.org (Postfix) with ESMTP id 21D9F4762BE for ; Mon, 23 Sep 2002 20:27:08 -0400 (EDT) Received: (from pgman@localhost) by candle.pha.pa.us (8.11.6/8.10.1) id g8O0Qph12753; Mon, 23 Sep 2002 20:26:51 -0400 (EDT) From: Bruce Momjian Message-Id: <200209240026.g8O0Qph12753@candle.pha.pa.us> Subject: Re: SSL documentation In-Reply-To: To: Peter Eisentraut Date: Mon, 23 Sep 2002 20:26:51 -0400 (EDT) Cc: Bear Giles , pgsql-docs@postgresql.org X-Mailer: ELM [version 2.4ME+ PL99 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Virus-Scanned: by AMaViS new-20020517 X-Archive-Number: 200209/33 X-Sequence-Number: 1485 Peter Eisentraut wrote: > Bruce Momjian writes: > > > Basically, SSL thing is very unclear to me and looks like a big mess. I > > don't know if that is because I don't understand it, or if it is really > > a mess that some of his stuff is in, some isn't. To me it seems his > > scripts tied into use the new SSL features, but no one has been able to > > comment on that. > > Not only that, but currently what used to work is broken. Now you need > certificates on the client side, which isn't documented anywhere. If we > don't get documentation we should revert the patches. Yep, I am ready to rip, but I need someone who understands SSL to do it for me because I don't understand which parts need to be ripped and which parts are good. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073