sslinfo
information about SSL certificates
Overview
| Package | Version | Category | License | Language |
|---|---|---|---|---|
sslinfo | 1.2 | STAT | PostgreSQL | C |
| ID | Extension | Bin | Lib | Load | Create | Trust | Reloc | Schema |
|---|---|---|---|---|---|---|---|---|
| 6920 | sslinfo | No | Yes | No | Yes | No | No | - |
| Related | sslutils pg_profile pg_tracing pg_show_plans pg_stat_kcache pg_stat_monitor pg_qualstats pg_store_plans |
|---|
Version
| PG18 | PG17 | PG16 | PG15 | PG14 |
|---|---|---|---|---|
| 1.2 | 1.2 | 1.2 | 1.2 | 1.2 |
Install
Note: This is a built-in contrib extension of PostgreSQL
CREATE EXTENSION sslinfo;
Usage
sslinfo provides functions to access information about the SSL certificate used in the current database connection.
Functions
-- Check if current connection uses SSL
SELECT ssl_is_used();
-- SSL/TLS protocol version (TLSv1.2, TLSv1.3, etc.)
SELECT ssl_version();
-- Cipher name (e.g., DHE-RSA-AES256-SHA)
SELECT ssl_cipher();
-- Check if client presented a valid certificate
SELECT ssl_client_cert_present();
-- Client certificate serial number
SELECT ssl_client_serial();
-- Client certificate subject (full DN)
SELECT ssl_client_dn();
-- e.g., /CN=Somebody /C=Some country/O=Some organization
-- Certificate issuer (full DN)
SELECT ssl_issuer_dn();
-- Specific field from client certificate subject
SELECT ssl_client_dn_field('CN');
SELECT ssl_client_dn_field('O');
-- Specific field from certificate issuer
SELECT ssl_issuer_field('CN');
-- Client certificate extensions
SELECT * FROM ssl_extension_info();
-- Returns: name, value, critical
Notes
- Most functions return NULL if the connection does not use SSL
- Requires PostgreSQL compiled with OpenSSL support
- The combination of
ssl_client_serial()andssl_issuer_dn()uniquely identifies a certificate
Feedback
Was this page helpful?
Thanks for the feedback! Please let us know how we can improve.
Sorry to hear that. Please let us know how we can improve.