mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-11-27 07:21:09 +08:00
Add two documentation tables to outline SSL file usage for client and server.
This commit is contained in:
Bruce Momjian
parent
08c37fd44b
commit
60a6dbb76c
@ -1,4 +1,4 @@
|
||||
<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.249 2007/12/25 04:00:43 momjian Exp $ -->
|
||||
<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.250 2007/12/25 06:15:34 momjian Exp $ -->
|
||||
|
||||
<chapter id="libpq">
|
||||
<title><application>libpq</application> - C Library</title>
|
||||
@ -5200,6 +5200,48 @@ defaultNoticeProcessor(void *arg, const char *message)
|
||||
application.
|
||||
</para>
|
||||
|
||||
<table id="libpq-ssl-file-usage">
|
||||
<title>SSL Client File Usage</title>
|
||||
<tgroup cols="3">
|
||||
<thead>
|
||||
<row>
|
||||
<entry>File</entry>
|
||||
<entry>Contents</entry>
|
||||
<entry>Effect</entry>
|
||||
</row>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
|
||||
<row>
|
||||
<entry><filename>~/.postgresql/postgresql.crt</></entry>
|
||||
<entry>client certificate</entry>
|
||||
<entry>requested by server</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><filename>~/.postgresql/postgresql.key</></entry>
|
||||
<entry>client private key</entry>
|
||||
<entry>used to authenticate client certificate</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><filename>~/.postgresql/root.crt</></entry>
|
||||
<entry>trusted certificate authorities</entry>
|
||||
<entry>requests server certificate; checks certificate is
|
||||
signed by a trusted certificate authority</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><filename>~/.postgresql/root.crl</></entry>
|
||||
<entry>certificates revoked by certificate authorities</entry>
|
||||
<entry>server certificate must not be on this list</entry>
|
||||
</row>
|
||||
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>
|
||||
|
||||
</sect1>
|
||||
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.395 2007/12/25 04:00:44 momjian Exp $ -->
|
||||
<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.396 2007/12/25 06:15:34 momjian Exp $ -->
|
||||
|
||||
<chapter Id="runtime">
|
||||
<title>Operating System Environment</title>
|
||||
@ -1641,7 +1641,49 @@ $ <userinput>kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`</userinput
|
||||
the server for changes in them to take effect.
|
||||
</para>
|
||||
|
||||
<sect2 id="ssl-certificate">
|
||||
<table id="ssl-file-usage">
|
||||
<title>SSL Server File Usage</title>
|
||||
<tgroup cols="3">
|
||||
<thead>
|
||||
<row>
|
||||
<entry>File</entry>
|
||||
<entry>Contents</entry>
|
||||
<entry>Effect</entry>
|
||||
</row>
|
||||
</thead>
|
||||
|
||||
<tbody>
|
||||
|
||||
<row>
|
||||
<entry><filename>server.crt</></entry>
|
||||
<entry>server certificate</entry>
|
||||
<entry>requested by client</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><filename>server.key</></entry>
|
||||
<entry>server private key</entry>
|
||||
<entry>used to authenticate server certificate</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><filename>root.crt</></entry>
|
||||
<entry>trusted certificate authorities</entry>
|
||||
<entry>requests client certificate; checks certificate is
|
||||
signed by a trusted certificate authority</entry>
|
||||
</row>
|
||||
|
||||
<row>
|
||||
<entry><filename>root.crl</></entry>
|
||||
<entry>certificates revoked by certificate authorities</entry>
|
||||
<entry>client certificate must not be on this list</entry>
|
||||
</row>
|
||||
|
||||
</tbody>
|
||||
</tgroup>
|
||||
</table>
|
||||
|
||||
<sect2 id="ssl-certificate-creation">
|
||||
<title>Creating a Self-Signed Certificate</title>
|
||||
|
||||
<para>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user