Home > mailing lists

Re: sslmode=secure by default (Re: Making sslrootcert=system work on Windows psql) - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: sslmode=secure by default (Re: Making sslrootcert=system work on Windows psql)
Date	April 25 16:04:25
Msg-id	05D3E9A4-79B9-40BB-B24E-21A9CC475417@yesql.se Whole thread Raw
In response to	Re: sslmode=secure by default (Re: Making sslrootcert=system work on Windows psql) (Jelte Fennema-Nio <postgres@jeltef.nl>)
List	pgsql-hackers

Tree view

> On 25 Apr 2025, at 00:16, Jelte Fennema-Nio <postgres@jeltef.nl> wrote:

> Let me derail some more, while we're at it I think it would be good to
> add tls-prefixed aliases for all our ssl options. Like tlscert/tlskey.
> Since such a new postgress:// scheme would be totally new, maybe we
> can even disallow the ssl prefixed ones there.

I think that would be a mistake, 'SSL' has long lost its original meaning and
is now interpreted to be an umbrella term for "secure connections with
certificates and things".  Sticking to ssl_* will most likely be the least
confusing for our users.

--
Daniel Gustafsson

pgsql-hackers by date:

From: Daniel Gustafsson
Date: 25 April, 15:53:04
Subject: Re: Making sslrootcert=system work on Windows psql

From: Matheus Alcantara
Date: 25 April, 16:25:14
Subject: Re: extension_control_path and "directory"

Re: sslmode=secure by default (Re: Making sslrootcert=system work on Windows psql) - Mailing list pgsql-hackers

Previous

Next