On Tue, Feb 28, 2017 at 10:50:02PM +0100, Frazer McLean wrote:
> On 28 Feb 2017, at 21:51, Bruce Momjian wrote:
> >I have researched this and will post a blog and and document the fix in
> >the next few months. The reason you have to supply the entire
> >certificate chain to the root CA on the cli
On 28 Feb 2017, at 21:51, Bruce Momjian wrote:
I have researched this and will post a blog and and document the fix
in
the next few months. The reason you have to supply the entire
certificate chain to the root CA on the client is because you have not
used the "-extensions v3_ca" flag to openss
On Mon, Feb 27, 2017 at 12:11:47AM +0100, Frazer McLean wrote:
> I found a solution to the problem, which I’l send here to help those who
> find the original email via search.
>
> The intermediate CRL file must be concatenated to CRL files going back to
> the root CA.
I have researched this and w
I found a solution to the problem, which I’l send here to help those
who find the original email via search.
The intermediate CRL file must be concatenated to CRL files going back
to the root CA.
On 26 Feb 2017, at 15:42, Frazer McLean wrote:
Hi,
I was trying to set up PostgreSQL to use a
Hi,
I was trying to set up PostgreSQL to use a certificate revocation list
so I could revoke client certificates, but was unable to get it to work.
I was following [this tutorial][1] to create root and intermediate CA
certificates, then producing certificates for the PostgreSQL server and
cl
