rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: clarify intermediate certificate creation instructions 

Specifically, explain the v3_ca openssl specification.

Discussion: https://postgr.es/m/20200824175653.GA32411@momjian.us

Backpatch-through: 9.5
This commit is contained in:
Bruce Momjian 2020-08-31 16:21:03 -04:00
parent 70e791f47e
commit b1ae70b3b4
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/src/sgml/runtime.sgml
View File

@ -2193,8 +2193,10 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
The certificates of <quote>intermediate</quote> certificate authorities The certificates of <quote>intermediate</quote> certificate authorities
can also be appended to the file. Doing this avoids the necessity of can also be appended to the file. Doing this avoids the necessity of
storing intermediate certificates on clients, assuming the root and storing intermediate certificates on clients, assuming the root and
intermediate certificates were created with <literal>v3_ca</literal> intermediate certificates were created with <literal>v3_ca </literal>
extensions. This allows easier expiration of intermediate certificates. extensions. (This sets the certificate's basic constraint of
<literal>CA</literal> to <literal>true</literal>.)
This allows easier expiration of intermediate certificates.
</para> </para>
<para> <para>