Re: Supporting Windows SChannel as OpenSSL replacement
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Heikki Linnakangas <hlinnakangas@vmware.com>
Cc: Jeff Janes <jeff.janes@gmail.com>, Andreas Karlsson <andreas@proxel.se>,
Martijn van Oosterhout <kleptog@svana.org>,
Magnus Hagander <magnus@hagander.net>,
PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2014-08-14T18:16:23Z
Lists: pgsql-hackers
On Tue, Aug 12, 2014 at 1:52 PM, Heikki Linnakangas <hlinnakangas@vmware.com> wrote: > This isn't a showstopper, but needs some thought. As the patch stands, it > uses a single key container called "PostgreSQL server key container", and > makes no attempt to delete the keys after they're no longer used. That > works, but it leaves the key lying on the system. What about using something like 'PostgreSQL ' || system_identifier? Would it make sense to have pg_ctl unregister delete the key container, or do we need a separate facility for that? -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company