<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.234 2007/02/2019:35:17 momjian Exp $ -->

<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.235 2007/03/30 03:19:02 momjian Exp $ -->

<chapter id="libpq">

<title><application>libpq</application> - C Library</title>

<filename>%APPDATA%\postgresql\root.crt</filename>.)

The SSL connection will

fail if the server does not present a certificate; therefore, to

use this feature the server mustalsohave a <filename>root.crt</> file.

use this feature the server must have a <filename>server.crt</> file.

Certificate Revocation List (CRL) entries are also checked if the file

<filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename>

on Microsoft Windows).

<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.380 2007/03/06 09:59:22 petere Exp $ -->

<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.381 2007/03/30 03:19:02 momjian Exp $ -->

<chapter Id="runtime">

<title>Operating System Environment</title>

certificates of the <acronym>CA</acronym>(s) you wish to check for in

the file <filename>root.crt</filename> in the data directory. When

present, a client certificate will be requested from the client

during SSL connection startup, and it must have been signed by one of the

certificates present in <filename>root.crt</filename>. Certificate

Revocation List (CRL) entries are also checked if the file

<filename>root.crl</filename> exists.

during SSL connection startup, and it must have been signed by one of

the certificates present in <filename>root.crt</filename>. (See <xref

linkend="libpq-ssl"> for a description of how to set up client

certificates.) Certificate Revocation List (CRL) entries are also

checked if the file <filename>root.crl</filename> exists.

</para>

<para>