On Sun, Sep 10, 2006 at 09:39:59PM -0600, Michael Fuhr wrote: > On Mon, Sep 11, 2006 at 02:32:26AM +0200, Jean-Gerard Pailloncy wrote: > > 1) Is it possible to use the SSL authentification done by apache with > > PostgreSQL ? > > I'm not aware of a way for Apache to proxy PostgreSQL's SSL > negotiation with the PHP script back to the HTTP client. If such a capability existed then it could arguably be considered a flaw in SSL because it would allow a server to impersonate one of its clients to another server or to hijack a client's secure connection with another server. Secure protocols are designed to prevent such attacks. -- Michael Fuhr
