Re: sslmode=secure by default (Re: Making sslrootcert=system work on Windows psql)
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Jelte Fennema-Nio <postgres@jeltef.nl>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>,
Peter Eisentraut <peter@eisentraut.org>,
Christoph Berg <myon@debian.org>,
George MacKerron <george@mackerron.co.uk>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2025-04-25T13:04:25Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
doc: Clarify the system value for sslrootcert
- dda1b0603523 16.9 landed
- daa16893faa9 18.0 landed
- c88b36d382eb 17.5 landed
> On 25 Apr 2025, at 00:16, Jelte Fennema-Nio <postgres@jeltef.nl> wrote: > Let me derail some more, while we're at it I think it would be good to > add tls-prefixed aliases for all our ssl options. Like tlscert/tlskey. > Since such a new postgress:// scheme would be totally new, maybe we > can even disallow the ssl prefixed ones there. I think that would be a mistake, 'SSL' has long lost its original meaning and is now interpreted to be an umbrella term for "secure connections with certificates and things". Sticking to ssl_* will most likely be the least confusing for our users. -- Daniel Gustafsson