diff options
| -rw-r--r-- | doc/FAQ | 10 | ||||
| -rw-r--r-- | doc/src/FAQ/FAQ.html | 15 |
2 files changed, 17 insertions, 8 deletions
@@ -1,7 +1,7 @@ Frequently Asked Questions (FAQ) for PostgreSQL - Last updated: Wed Jul 23 12:53:27 EDT 2003 + Last updated: Fri Jul 25 18:07:30 EDT 2003 Current maintainer: Bruce Momjian ([email protected]) @@ -1111,8 +1111,12 @@ CREATE TABLE test (x int, modtime timestamp DEFAULT CURRENT_TIMESTAMP ); * contrib/pgcrypto contains many encryption functions for use in SQL queries. - * The only way to encrypt transmission from the client to the server - is by using hostssl in pg_hba.conf. + * To encrypt transmission from the client to the server, the server + must have the ssl option set to true in postgresql.conf, and an + applicable host or hostssl record must exist in pg_hba.conf, and + the client sslmode must not be disable. (Note that it is also + possible to use a third-party encrypted transport, such as stunnel + or ssh, rather than PostgreSQL's native SSL connections.) * Database user passwords are automatically encrypted when stored in version 7.3. In previous versions, you must enable the option PASSWORD_ENCRYPTION in postgresql.conf. diff --git a/doc/src/FAQ/FAQ.html b/doc/src/FAQ/FAQ.html index 82eed3c326d..641a3de6ea2 100644 --- a/doc/src/FAQ/FAQ.html +++ b/doc/src/FAQ/FAQ.html @@ -10,7 +10,7 @@ alink="#0000ff"> <H1>Frequently Asked Questions (FAQ) for PostgreSQL</H1> - <P>Last updated: Wed Jul 23 12:53:27 EDT 2003</P> + <P>Last updated: Fri Jul 25 18:07:30 EDT 2003</P> <P>Current maintainer: Bruce Momjian (<A href= "mailto:[email protected]">[email protected]</A>)<BR> @@ -1401,10 +1401,15 @@ BYTEA bytea variable-length byte array (null-byte safe) <UL> <LI><I>contrib/pgcrypto</I> contains many encryption functions for use in <SMALL>SQL</SMALL> queries.</LI> - <LI>The only way to encrypt transmission from the client to the - server is by using <I>hostssl</I> in <I>pg_hba.conf</I>.</LI> - <LI>Database user passwords are automatically encrypted when stored - in version 7.3. In previous versions, you must enable the option + <LI>To encrypt transmission from the client to the server, the server + must have the <I>ssl</I> option set to <I>true</I> in <I>postgresql.conf, + </I> and an applicable <I>host</I> or <I>hostssl</I> record must exist in + <I>pg_hba.conf</I>, and the client <I>sslmode</I> must not be + <I>disable.</I> (Note that it is also possible to use a third-party + encrypted transport, such as stunnel or ssh, rather than PostgreSQL's + native SSL connections.) + <LI>Database user passwords are automatically encrypted when stored in + version 7.3. In previous versions, you must enable the option <I>PASSWORD_ENCRYPTION</I> in <I>postgresql.conf</I>.</LI> <LI>The server can run using an encrypted file system.</LI> </UL> |