On mån, 2012-01-02 at 23:42 -0500, Tom Lane wrote: > Peter Eisentraut <pete...@gmx.net> writes: > > On mån, 2012-01-02 at 15:47 +0100, Magnus Hagander wrote: > >> Were you thinking one option pointing to a directory or one option per > >> file? > > > One option per file: > > That seems like serious overkill. Why not one option specifying the > directory? What use-case is there for letting them be in different > directories, let alone letting the DBA choose random names for each one?
Several consistency reasons: - We provide the same per-file options in libpq. - Indeed, if you use something like dblink or plproxy, these might even point to the same files. - We also have settings for hba_file and ident_file that point to a file. - All other daemons with SSL support known to me, such as mail and web servers, have per-file options. Also some practical reasons: - Yes, choosing random names is important. We have local naming schemes. And I would rather have a descriptive file name for the CA than having them all named root.crt, and if I want to know which one it is I have to look inside the file. - You might not want all of the files in the same directory. CA and CRL might live elsewhere, for example. -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
