From d2d4c35080026ba3da49583e30c1fd53c9fb22dd Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Sat, 9 Nov 2019 10:13:14 +0100 Subject: [PATCH] doc: Clarify documentation about SSL passphrases The previous statement that using a passphrase disables the ability to change the server's SSL configuration without a server restart was no longer completely true since the introduction of ssl_passphrase_command_supports_reload. --- doc/src/sgml/runtime.sgml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml index 112ae591dc..a34d31d297 100644 --- a/doc/src/sgml/runtime.sgml +++ b/doc/src/sgml/runtime.sgml @@ -2310,8 +2310,9 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433 If the private key is protected with a passphrase, the server will prompt for the passphrase and will not start until it has been entered. - Using a passphrase also disables the ability to change the server's SSL - configuration without a server restart. + Using a passphrase by default disables the ability to change the server's + SSL configuration without a server restart, but see . Furthermore, passphrase-protected private keys cannot be used at all on Windows.