From: Bruce Momjian <bruce@momjian.us>
Date: Sat, 11 Apr 2009 12:27:53 +0000 (+0000)
Subject: Better document libpq sslverify behavior as requiring root.crt.
X-Git-Url: http://git.postgresql.org/gitweb/static/session/index.html?a=commitdiff_plain;h=e34ac92fc6c9175a6987484530ef61c0a40daf6b;p=users%2Fsimon%2Fpostgres.git

Better document libpq sslverify behavior as requiring root.crt.
---

diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 3c9ba6aec2..21892ca44a 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -6131,9 +6131,9 @@ myEventProc(PGEventId evtId, void *evtInfo, void *passThrough)
 
   <para>
    When the <literal>sslverify</> parameter is set to <literal>cn</> or
-   <literal>cert</>, libpq will verify that the server certificate is
-   trustworthy by checking the certificate chain up to a <acronym>CA</>.
-   For this to work, place the certificate of a trusted <acronym>CA</>
+   <literal>cert</>, libpq requires a trustworthy server certificate by
+   checking the certificate chain up to a <acronym>CA</>.
+   To allow verification, place the certificate of a trusted <acronym>CA</>
    in the file <filename>~/.postgresql/root.crt</> in the user's home directory.
    (On Microsoft Windows the file is named
    <filename>%APPDATA%\postgresql\root.crt</filename>.)