Andrew Dunstan <and...@dunslane.net> writes: > You don't have to copy anything to achieve what you want. Just set the > sslrootcert parameter of your connection to point to the system file. e.g.
> psql "sslmode=verify-full
> sslrootcert=/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt ..."
While that does work for me, it seems pretty OS-specific and
user-unfriendly. Why should ordinary users need to know that
much about their platform's OpenSSL installation?
regards, tom lane
