sslinfo
sslinfo
sslinfo : information about SSL certificates
Overview
| ID | Extension | Package | Version | Category | License | Language |
|---|---|---|---|---|---|---|
| 6920 | sslinfo
|
sslinfo
|
1.2 |
STAT
|
PostgreSQL
|
C
|
| Attribute | Has Binary | Has Library | Need Load | Has DDL | Relocatable | Trusted |
|---|---|---|---|---|---|---|
--s-d--
|
No
|
Yes
|
No
|
Yes
|
no
|
no
|
| Relationships | |
|---|---|
| See Also | sslutils
pg_profile
pg_tracing
pg_show_plans
pg_stat_kcache
pg_stat_monitor
pg_qualstats
pg_store_plans
|
Packages
| PG18 | PG17 | PG16 | PG15 | PG14 |
|---|---|---|---|---|
1.2
|
1.2
|
1.2
|
1.2
|
1.2
|
This is a built-in contrib extension ship with the PostgreSQL kernel
Install
Create this extension with:
CREATE EXTENSION sslinfo;Usage
sslinfo provides functions to access information about the SSL certificate used in the current database connection.
Functions
-- Check if current connection uses SSL
SELECT ssl_is_used();
-- SSL/TLS protocol version (TLSv1.2, TLSv1.3, etc.)
SELECT ssl_version();
-- Cipher name (e.g., DHE-RSA-AES256-SHA)
SELECT ssl_cipher();
-- Check if client presented a valid certificate
SELECT ssl_client_cert_present();
-- Client certificate serial number
SELECT ssl_client_serial();
-- Client certificate subject (full DN)
SELECT ssl_client_dn();
-- e.g., /CN=Somebody /C=Some country/O=Some organization
-- Certificate issuer (full DN)
SELECT ssl_issuer_dn();
-- Specific field from client certificate subject
SELECT ssl_client_dn_field('CN');
SELECT ssl_client_dn_field('O');
-- Specific field from certificate issuer
SELECT ssl_issuer_field('CN');
-- Client certificate extensions
SELECT * FROM ssl_extension_info();
-- Returns: name, value, criticalNotes
- Most functions return NULL if the connection does not use SSL
- Requires PostgreSQL compiled with OpenSSL support
- The combination of
ssl_client_serial()andssl_issuer_dn()uniquely identifies a certificate
Last updated on