sslinfo
sslinfo
sslinfo : information about SSL certificates
Overview
| ID | Extension | Package | Version | Category | License | Language |
|---|---|---|---|---|---|---|
| 6920 | sslinfo | sslinfo | 1.2 | STAT | PostgreSQL | C |
| Attribute | Has Binary | Has Library | Need Load | Has DDL | Relocatable | Trusted |
|---|---|---|---|---|---|---|
--s-d-- | No | Yes | No | Yes | no | no |
| Relationships | |
|---|---|
| See Also | sslutils pg_profile pg_tracing pg_show_plans pg_stat_kcache pg_stat_monitor pg_qualstats pg_store_plans |
Packages
| PG18 | PG17 | PG16 | PG15 | PG14 |
|---|---|---|---|---|
1.2 | 1.2 | 1.2 | 1.2 | 1.2 |
This is a built-in contrib extension ship with the PostgreSQL kernel
Install
Create this extension with:
CREATE EXTENSION sslinfo;Usage
sslinfo provides functions to access information about the SSL certificate used in the current database connection.
Functions
-- Check if current connection uses SSL
SELECT ssl_is_used();
-- SSL/TLS protocol version (TLSv1.2, TLSv1.3, etc.)
SELECT ssl_version();
-- Cipher name (e.g., DHE-RSA-AES256-SHA)
SELECT ssl_cipher();
-- Check if client presented a valid certificate
SELECT ssl_client_cert_present();
-- Client certificate serial number
SELECT ssl_client_serial();
-- Client certificate subject (full DN)
SELECT ssl_client_dn();
-- e.g., /CN=Somebody /C=Some country/O=Some organization
-- Certificate issuer (full DN)
SELECT ssl_issuer_dn();
-- Specific field from client certificate subject
SELECT ssl_client_dn_field('CN');
SELECT ssl_client_dn_field('O');
-- Specific field from certificate issuer
SELECT ssl_issuer_field('CN');
-- Client certificate extensions
SELECT * FROM ssl_extension_info();
-- Returns: name, value, criticalNotes
- Most functions return NULL if the connection does not use SSL
- Requires PostgreSQL compiled with OpenSSL support
- The combination of
ssl_client_serial()andssl_issuer_dn()uniquely identifies a certificate
Last updated on