|
1 | | -<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.278 2009/02/11 04:08:47 momjian Exp $ --> |
| 1 | +<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.279 2009/03/23 01:45:29 momjian Exp $ --> |
2 | 2 |
|
3 | 3 | <chapter id="libpq"> |
4 | 4 | <title><application>libpq</application> - C Library</title> |
|
285 | 285 | This option controls how libpq verifies the certificate on the |
286 | 286 | server when performing an <acronym>SSL</> connection. There are |
287 | 287 | three options: <literal>none</> disables verification completely |
288 | | - (not recommended!); <literal>cert</> enables verification that |
289 | | - the certificate chains to a known CA only; <literal>cn</> will |
290 | | - both verify that the certificate chains to a known CA and that |
291 | | - the <literal>cn</> attribute of the certificate matches the |
292 | | - hostname the connection is being made to (default). |
| 288 | + (not recommended); <literal>cert</> enables verification that |
| 289 | + the server certificate chains to a known certificate |
| 290 | + authority (CA); <literal>cn</> will both verify that the |
| 291 | + certificate chains to a known CA and that the <literal>cn</> |
| 292 | + attribute of the server certificate matches the server's |
| 293 | + hostname (default). |
293 | 294 | </para> |
294 | 295 |
|
295 | 296 | <para> |
|