Hi, I am trying to generate self-signed certificate for full ssl authentication. I need to have universal version of this certificate for development purposes (so any client can connect with any postgresql server with ssl on and verify-full flag). I am using IP while connecting, I mean host=<IP>.
However verify-full connection works only in case "Common Name" in certificate contains only fully qualified IP address, when I try to set CN as * (asterisk) I receive error: server common name "*" does not match hostname "my_ip" According to the documentation here : http://www.postgresql.org/docs/current/static/libpq-ssl.html "If the connection is made using an IP address instead of a host name, the IP address will be matched (without doing any DNS lookups). " Would you please advise what I am doing wrong? Or maybe there is other way to generate wildcard certificate ? Or maybe this is a possible bug? Thanks in advance ! Joanna -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
