From 2ebfe9a81813cd503d69ac73243d0aff93550ef7 Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Fri, 30 Mar 2007 03:19:02 +0000
Subject: [PATCH] Update SSL description for when SSL root.crt/server.crt is
 required; add link to libpq SSL does from server docs.

Backpatch to 8.2.X.
---
 doc/src/sgml/libpq.sgml   |  4 ++--
 doc/src/sgml/runtime.sgml | 11 ++++++-----
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 4e0f5cee23c..1a4118174e8 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.234 2007/02/20 19:35:17 momjian Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.235 2007/03/30 03:19:02 momjian Exp $ -->
 
  <chapter id="libpq">
   <title><application>libpq</application> - C Library</title>
@@ -4501,7 +4501,7 @@ ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?one?(cn=mydatabase)
    <filename>%APPDATA%\postgresql\root.crt</filename>.)
    The SSL connection will
    fail if the server does not present a certificate; therefore, to
-   use this feature the server must also have a <filename>root.crt</> file.
+   use this feature the server must have a <filename>server.crt</> file.
    Certificate Revocation List (CRL) entries are also checked if the file
    <filename>~/.postgresql/root.crl</filename> exists (<filename>%APPDATA%\postgresql\root.crl</filename>
    on Microsoft Windows).
diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 61cc6c37b87..9a724098a7c 100644
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.380 2007/03/06 09:59:22 petere Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.381 2007/03/30 03:19:02 momjian Exp $ -->
 
 <chapter Id="runtime">
  <title>Operating System Environment</title>
@@ -1574,10 +1574,11 @@ chmod og-rwx server.key
    certificates of the <acronym>CA</acronym>(s) you wish to check for in
    the file <filename>root.crt</filename> in the data directory.  When
    present, a client certificate will be requested from the client
-   during SSL connection startup, and it must have been signed by one of the
-   certificates present in <filename>root.crt</filename>.  Certificate 
-   Revocation List (CRL) entries are also checked if the file 
-   <filename>root.crl</filename> exists.
+   during SSL connection startup, and it must have been signed by one of
+   the certificates present in <filename>root.crt</filename>.  (See <xref
+   linkend="libpq-ssl"> for a description of how to set up client
+   certificates.) Certificate Revocation List (CRL) entries are also
+   checked if the file <filename>root.crl</filename> exists.
   </para>
 
   <para>
-- 
GitLab