Simplify SSL certificate instructions.

diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 703d2ddc95721474578bce919f43247692eba732..36adf5ec9477b3fb8d9bec477a51ab1c79f895ae 100644 (file)
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1,5 +1,5 @@
 
 
 
@@ -2862,7 +2862,8 @@ $ kill -INT `head -1 /usr/local/pgsql/data/postmaster.pid`
    self-signed certificate, use the following
    OpenSSL command:
 
-openssl req -new -text -out cert.req
+cd $PGDATA
+openssl req -new -text -out server.req
 
    Fill out the information that openssl asks for. Make sure
    that you enter the local host name as Common Name; the challenge
@@ -2871,14 +2872,13 @@ openssl req -new -text -out cert.req
    than four characters long. To remove the passphrase (as you must if
    you want automatic start-up of the server), run the commands
 
-openssl rsa -in privkey.pem -out cert.pem
+openssl rsa -in privkey.pem -out server.key
+rm privkey.pem
 
    Enter the old passphrase to unlock the existing key. Now do
 
-openssl req -x509 -in cert.req -text -key cert.pem -out cert.cert
-chmod og-rwx cert.pem
-cp cert.pem $PGDATA/server.key
-cp cert.cert $PGDATA/server.crt
+openssl req -x509 -in server.req -text -key server.key -out server.crt
+chmod og-rwx server.key
 
    to turn the certificate into a self-signed certificate and to copy the
    key and certificate to where the server will look for them.