From f77be47d339898aeab97ba3fb6c649512e34cab7 Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Sat, 9 Nov 2019 10:13:14 +0100 Subject: [PATCH] doc: Clarify documentation about SSL passphrases The previous statement that using a passphrase disables the ability to change the server's SSL configuration without a server restart was no longer completely true since the introduction of ssl_passphrase_command_supports_reload. --- doc/src/sgml/runtime.sgml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml index 333adda408..f16bc45582 100644 --- a/doc/src/sgml/runtime.sgml +++ b/doc/src/sgml/runtime.sgml @@ -2246,8 +2246,9 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433 If the private key is protected with a passphrase, the server will prompt for the passphrase and will not start until it has been entered. - Using a passphrase also disables the ability to change the server's SSL - configuration without a server restart. + Using a passphrase by default disables the ability to change the server's + SSL configuration without a server restart, but see . Furthermore, passphrase-protected private keys cannot be used at all on Windows.