On Sat, 2021-02-13 at 09:57 -0700, Rob Sargent wrote: > I’m confused, as usual, about using a cert in a connection string. I wish to > connect form a > “middle ware” piece to PG on be half of various clients. Does each client > need a corresponding > cert/key or is the certification intended to say the sending machine is who > it says it is > (thereby needing only one cert)
They can share one certificate. https://www.postgresql.org/docs/current/auth-cert.html: When using this authentication method, the server will require that the client provide a valid, trusted certificate. No password prompt will be sent to the client. The cn (Common Name) attribute of the certificate will be compared to the requested database user name, and if they match the login will be allowed. Yours, Laurenz Albe -- Cybertec | https://www.cybertec-postgresql.com
