From: Bruce Momjian <bruce@momjian.us>
Date: Sat, 11 Apr 2009 12:27:53 +0000 (+0000)
Subject: Better document libpq sslverify behavior as requiring root.crt.
X-Git-Tag: REL8_4_BETA2~124
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=58176734489216916751e30bd11f365bcc01251d;p=postgresql

Better document libpq sslverify behavior as requiring root.crt.
---

diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 1540ed6269..463993960f 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.281 2009/03/31 01:41:27 tgl Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/libpq.sgml,v 1.282 2009/04/11 12:27:53 momjian Exp $ -->
 
 <chapter id="libpq">
  <title><application>libpq</application> - C Library</title>
@@ -6131,9 +6131,9 @@ myEventProc(PGEventId evtId, void *evtInfo, void *passThrough)
 
   <para>
    When the <literal>sslverify</> parameter is set to <literal>cn</> or
-   <literal>cert</>, libpq will verify that the server certificate is
-   trustworthy by checking the certificate chain up to a <acronym>CA</>.
-   For this to work, place the certificate of a trusted <acronym>CA</>
+   <literal>cert</>, libpq requires a trustworthy server certificate by
+   checking the certificate chain up to a <acronym>CA</>.
+   To allow verification, place the certificate of a trusted <acronym>CA</>
    in the file <filename>~/.postgresql/root.crt</> in the user's home directory.
    (On Microsoft Windows the file is named
    <filename>%APPDATA%\postgresql\root.crt</filename>.)