Re: [HACKERS] libpq connection strings: control over the cipher suites?

On 11/09/2017 03:17 PM, Michael Paquier wrote: > On Fri, Nov 10, 2017 at 2:53 AM, Joe Conway wrote: >> On 11/09/2017 03:27 AM, Graham Leggett wrote: >>> Is there a parameter or mechanism for setting the required ssl cipher list >>> from the client side? >> >> I don't believe

Re: [HACKERS] libpq connection strings: control over the cipher suites?

On Fri, Nov 10, 2017 at 2:53 AM, Joe Conway wrote: > On 11/09/2017 03:27 AM, Graham Leggett wrote: >> Is there a parameter or mechanism for setting the required ssl cipher list >> from the client side? > > I don't believe so. That is controlled by ssl_ciphers, which requires

Re: [HACKERS] libpq connection strings: control over the cipher suites?

On 11/09/2017 03:27 AM, Graham Leggett wrote: > Is there a parameter or mechanism for setting the required ssl cipher list > from the client side? I don't believe so. That is controlled by ssl_ciphers, which requires a restart in order to change.

[HACKERS] libpq connection strings: control over the cipher suites?

Hi all, According to the docs at https://www.postgresql.org/docs/9.5/static/libpq-connect.html#LIBPQ-CONNSTRING there are various parameters that control ssl from the client side, including providing the ssl certs, keys, etc. Is there a parameter or mechanism for setting the required ssl