Dan Kaminsky wrote: > >> 1) No roots (but still works for some unknown reason) > >> 2) Explicitly configured corporate roots > >> 3) Explicitly configured corporate roots, AND global roots > >> 4) Global roots (but still works for some unknown reason)
> So, if you do nothing special, it's #1? Sounds like the path of least > resistance is no security. Uh oh. Yeah, in the average, if not common case, a user interested in SSL use would probably just follow the recipe in the documentation for creating and installing a self-signed certificate with no certificate checking in the client. Which, as you correctly observe, is pretty much completely useless. Someone should probably redesign, reconfigure, and redocument this. -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs