doc: Remove mentions of server-side CRL and CA file names

Commit a445cb92ef5b3a31313ebce30e18cc1d6e0bdecb removed the default file
names for server-side CRL and CA files, but left them in the docs with a
small note.  This removes the note and the previous default names to
clarify, as well as changes mentions of the file names to make it
clearer that they are configurable.

Author: Daniel Gustafsson 
Reviewed-by: Michael Paquier 

diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index 2b6255ed95adabb1645e291079b7673831d6e8c0..5f59a382f18772edc1dc43c337e0459d39904464 100644 (file)
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -983,10 +983,6 @@ include_dir 'conf.d'
         The default is empty, meaning no CA file is loaded,
         and client certificate verification is not performed.
        
-       
-        In previous releases of PostgreSQL, the name of this file was
-        hard-coded as root.crt.
-       
       
      
 
@@ -1022,10 +1018,6 @@ include_dir 'conf.d'
         file or on the server command line.
         The default is empty, meaning no CRL file is loaded.
        
-       
-        In previous releases of PostgreSQL, the name of this file was
-        hard-coded as root.crl.
-       
       
      
 

diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index f154b6b5fafe6b2078f520d2fd2fe437ebf3719c..957096681a64b4bb5e42ad2bd126f0c8a6b80dfe 100644 (file)
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -7638,8 +7638,8 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
    certificate of the signing authority to the postgresql.crt
    file, then its parent authority's certificate, and so on up to a certificate
    authority, root or intermediate, that is trusted by
-   the server, i.e. signed by a certificate in the server's
-   root.crt file.
+   the server, i.e. signed by a certificate in the server's root CA file
+   ().
   
 
   

diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 6d57525515e5acf3726bf41902c1adc8b2b8f62a..088316cfb64f94bc527eeeac74799d611082ea25 100644 (file)
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -2264,7 +2264,7 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
   
    To require the client to supply a trusted certificate, place
    certificates of the certificate authorities (CAs)
-   you trust in the file root.crt in the data
+   you trust in a file named root.crt in the data
    directory, set the parameter  in
    postgresql.conf to root.crt,
    and add the authentication option clientcert=1 to the
@@ -2321,7 +2321,7 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
    
      summarizes the files that are
     relevant to the SSL setup on the server.  (The shown file names are default
-    or typical names.  The locally configured names could be different.)
+    names.  The locally configured names could be different.)
    
 
   
@@ -2351,14 +2351,14 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
      
 
      
-       ($PGDATA/root.crt)
+      
       trusted certificate authorities
       checks that client certificate is
       signed by a trusted certificate authority
      
 
      
-       ($PGDATA/root.crl)
+      
       certificates revoked by certificate authorities
       client certificate must not be on this list
      

diff --git a/doc/src/sgml/sslinfo.sgml b/doc/src/sgml/sslinfo.sgml
index 7bda33efa328c30436841716a56cf617d34910b0..1fd323a0b64eaf435e41f585a0348cab37c5a760 100644 (file)
--- a/doc/src/sgml/sslinfo.sgml
+++ b/doc/src/sgml/sslinfo.sgml
@@ -150,7 +150,7 @@
     
     
      This function is really useful only if you have more than one trusted CA
-     certificate in your server's root.crt file, or if this CA
+     certificate in your server's certificate authority file, or if this CA
      has issued some intermediate certificate authority certificates.