Search Postgresql Archives

Re: Support for hardware tokens for server/replication private key

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Dec 3, 2015 at 5:31 AM, mdaswani <md@xxxxxxxxxxxxxxxxxxxx> wrote:
Hi,

Postgres allows client-side SSL requests to use secret keys on hardware
tokens via OpenSSL engine support. Is there an equivalent way to store the
server key on a hardware token.

Similarly, is it possible to specify private keys on a hardware token for
replication connections? Does the sslkey parameter of the primary_conninfo
string in the recovery.conf file accept an OpenSSL Engine token key?

While I haven't tested it and haven't heard of anybody else who has, it should work. From a libpq perspective ,the replication standby is "just another client", so any parameters that work for libpq should work there. 

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux