Tom Lane [2009-04-10 19:01 -0400]: > This seems a bit handwavy --- there's a difference between the machine's > own cert and what it thinks is a root cert.
Sure. > How do you deal with that? If the root cert is real, how do you put > in self-signed server certs? I'm afraid I don't understand. If an admin replaces the default snakeoil cert with a real one which he got signed by a CA, then of course he would replace the standard system SSL cert (which all the servers default to, and which is initially the snakeoil one) with the "good" certificate. I don't see a reason why an admin would replace a self-signed cert with another self-signed cert? Thanks, Martin -- Martin Pitt | http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
