John R Pierce wrote:
for self-signed certs, you first create a rootca, you can import the rootca public key/cert to your browser, by offering it as the proper mime type (I forget the specifics), once accepted into your browser, the browser will trust any certs created off that root, same as if they are signed by any of the 'commercial' CAs.. of course, if you do this, you need to keep your rootca private keys safe.
ok, I found my notes on this... you put your root-certificate.crt on a webserver, and offer it via a link with mime-type application/x-x509-ca-cert
-- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs
