Contributing guide now includes instructions to test client ssl auth

2022-10-29 19:00:29 -05:00
parent 9eaeb51e30
commit 6b52e0b5e0
6 changed files with 85 additions and 14 deletions
@@ -0,0 +1,6 @@
+[ req ]
+distinguished_name = dn
+[ dn ]
+commonName         = ca
+[ ext ]
+basicConstraints   =CA:TRUE,pathlen:0
@@ -4,3 +4,4 @@ host      all         pgx_md5     127.0.0.1/32          md5
 host      all         pgx_scram   127.0.0.1/32          scram-sha-256
 host      all         pgx_pw      127.0.0.1/32          password
 hostssl   all         pgx_ssl     127.0.0.1/32          scram-sha-256
+hostssl   all         pgx_sslcert 127.0.0.1/32          cert
@@ -0,0 +1,9 @@
+[ req ]
+default_bits       = 2048
+distinguished_name = dn
+req_extensions     = v3_req
+prompt             = no
+[ dn ]
+commonName         = pgx_sslcert
+[ v3_req ]
+keyUsage           = digitalSignature
@@ -3,12 +3,13 @@ create extension hstore;
 create domain uint64 as numeric(20,0);

 -- Create users for different types of connections and authentication.
-create user pgx_ssl PASSWORD 'secret' with superuser;
+create user pgx_ssl with superuser PASSWORD 'secret';
+create user pgx_sslcert with superuser PASSWORD 'secret';
 set password_encryption = md5;
-create user pgx_md5 PASSWORD 'secret' with superuser;
+create user pgx_md5 with superuser PASSWORD 'secret';
 set password_encryption = 'scram-sha-256';
-create user pgx_pw PASSWORD 'secret' with superuser;
-create user pgx_scram PASSWORD 'secret' with superuser;
+create user pgx_pw with superuser PASSWORD 'secret';
+create user pgx_scram with superuser PASSWORD 'secret';
 \set whoami `whoami`
 create user :whoami with superuser; -- unix domain socket user