jackc
commented
5 months ago LGTM. However, I noticed there are no tests. I know this might be tricky to test, but is there anyway to verify that it actually works?
Closed yann-soubeyrand closed 4 months ago
jackc
commented
5 months ago LGTM. However, I noticed there are no tests. I know this might be tricky to test, but is there anyway to verify that it actually works?
yann-soubeyrand
commented
5 months ago Hello, yes, I didn’t know how to add tests for that (setting up an environment on my workstation to make tests seemed a little bit complicated for the time I had unfortunately…). I guess we can have a test similar to the test for sslrootcert=./path/to/ca-cert.crt, but with a step to install the CA certificate in the system pool?
jackc
commented
4 months ago Well, I think I will just merge it. The code looks right. And I don't see any good way to test it either.
Hello,
libpq supports using system certificate authorities to verify the server TLS certificate: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNECT-SSLROOTCERT. This PR tries to add compatible behaviour to pgx.