Re: SSL support for javax.sql.DataSource - Mailing list pgsql-jdbc

From Albe Laurenz
Subject Re: SSL support for javax.sql.DataSource
Date
Msg-id AFCCBB403D7E7A4581E48F20AF3E5DB20375C3C4@EXADV1.host.magwien.gv.at
Whole thread Raw
In response to SSL support for javax.sql.DataSource  ("Albe Laurenz" <all@adv.magwien.gv.at>)
Responses Re: SSL support for javax.sql.DataSource
List pgsql-jdbc
Kris Jurka wrote:
>> Wouldn't it be a good thing to have SSL support for DataSource
>> connections?
>>
>> It shouldn't be too hard; attached is a patch (against 8.3dev-600)
>> that shows what I mean. It is probably unclean to hard code the
>> NonValidatingFactory...
>
> Especially since it changes the default behavior of the driver to not
> validate.  If you'd like to change the default, that discussion should

> happen elsewhere and should affect all the connection
> methods.  Why not
> just export the sslfactory option to the DataSource as well?

Sure, that would be easy.

I wanted to know if this was welcome at all, so I started with a simple
patch to explain my idea.

Should I go ahead and write a patch against CVS HEAD, including
sslfactory?
I guess I should write a patch or the documentation too then.

As you say, that discussion should happen elsewhere, but I believe that
SSL without certificate validation would be a good default
because this is the way it is done everywhere else in PostgreSQL.

Yours,
Laurenz Albe

pgsql-jdbc by date:

Previous
From: Tom Lane
Date:
Subject: Re: Literal vs parameterized 'timestamp with time zone' value
Next
From: Mario Splivalo
Date:
Subject: Log files cluttered with jdbc3/4 for pg8.2