mirrors/postgres
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: clarify intermediate certificate creation instructions

Browse Source 
Specifically, explain the v3_ca openssl specification.

Discussion: https://postgr.es/m/20200824175653.GA32411@momjian.us

Backpatch-through: 9.5
This commit is contained in:
Bruce Momjian 2020-08-31 16:21:03 -04:00
parent 1bb41c6ad7
commit 8924ca865b
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/src/sgml/runtime.sgml
View File

@ -2178,8 +2178,10 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
The certificates of <quote>intermediate</quote> certificate authorities The certificates of <quote>intermediate</quote> certificate authorities
can also be appended to the file. Doing this avoids the necessity of can also be appended to the file. Doing this avoids the necessity of
storing intermediate certificates on clients, assuming the root and storing intermediate certificates on clients, assuming the root and
intermediate certificates were created with <literal>v3_ca</literal> intermediate certificates were created with <literal>v3_ca </literal>
extensions. This allows easier expiration of intermediate certificates. extensions. (This sets the certificate's basic constraint of
<literal>CA</literal> to <literal>true</literal>.)
This allows easier expiration of intermediate certificates.
</para> </para>
<para> <para>