Tom Lane wrote:
BTW, as of CVS tip, if the server has a root.crt file and the client does not have any certificate files, the default behavior is that connections fail:
$ psql -h localhost regression psql: could not open certificate file "/home/tgl/.postgresql/postgresql.crt": No such file or directory $
I'm not sure if this is desirable. Should libpq try to fall back to a non-SSL-encrypted connection, instead?
Only if the server certificate validates, otherwise an active attacker could intercept the SSL connection to force libpq to fall back to non-SSL and then intercept the unencrypted/unauthenticated connection. Does openssl lets you detect a "server cert OK but no suitable client cert provided" error easily?
-O
---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
