From f5fd995a1a24e6571d26b1e29c4dc179112b1003 Mon Sep 17 00:00:00 2001
From: Andrew Dunstan <andrew@dunslane.net>
Date: Thu, 9 Jan 2020 18:39:54 +1030
Subject: Allow 'sslkey' and 'sslcert' in postgres_fdw user mappings

This allows different users to authenticate with different certificates.

Author: Craig Ringer
---
 doc/src/sgml/postgres-fdw.sgml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'doc/src')

diff --git a/doc/src/sgml/postgres-fdw.sgml b/doc/src/sgml/postgres-fdw.sgml
index 4986b7f5b5d..812e62cb363 100644
--- a/doc/src/sgml/postgres-fdw.sgml
+++ b/doc/src/sgml/postgres-fdw.sgml
@@ -107,13 +107,13 @@
     A foreign server using the <filename>postgres_fdw</filename> foreign data wrapper
     can have the same options that <application>libpq</application> accepts in
     connection strings, as described in <xref linkend="libpq-paramkeywords"/>,
-    except that these options are not allowed:
+    except that these options are not allowed or have special handling:
 
     <itemizedlist spacing="compact">
      <listitem>
       <para>
        <literal>user</literal>, <literal>password</literal> and <literal>sslpassword</literal> (specify these
-       in a user mapping, instead)
+       in a user mapping, instead, or use a service file)
       </para>
      </listitem>
      <listitem>
@@ -128,6 +128,14 @@
        <literal>postgres_fdw</literal>)
       </para>
      </listitem>
+     <listitem>
+      <para>
+       <literal>sslkey</literal> and <literal>sslpassword</literal> - these may
+       appear in <emphasis>either or both</emphasis> a connection and a user
+       mapping. If both are present, the user mapping setting overrides the
+       connection setting.
+      </para>
+     </listitem>
     </itemizedlist>
    </para>
 
-- 
cgit v1.2.3