Hi, I¡¯m using postgreSQL with SSL these days. The version I¡¯m using is 8.0.3. I found that it¡¯s impossible to use an encrypted key file. When you use a protected server.key file, you will be prompted to input your passphrase EVERYTIME IT¡¯S USED, not only when you start the server but also when a client makes a connection. So you have to leave the key file un-protected. I think it¡¯s a serious vulnerability since the security relies on the secrecy of the private key. Without encryption, the only thing we can use to protect the private key is the access control mechanism provided by the OS. Any comments on this issue? cheers, Changyu __________________________________ Discover Yahoo! Have fun online with music videos, cool games, IM and more. Check it out! http://discover.yahoo.com/online.html ---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives? http://archives.postgresql.org
