sslutils

A Postgres extension for managing SSL certificates through SQL

Overview

Package	Version	Category	License	Language
`sslutils`	`1.4`	SEC	PostgreSQL	C

ID	Extension	Bin	Lib	Load	Create	Trust	Reloc	Schema
7410	`sslutils`	No	Yes	No	Yes	No	No	-

Related	`sslinfo` `pgsodium` `pgsmcrypto` `pgcryptokey` `pgcrypto` `pg_tde` `passwordcheck_cracklib` `supautils`

no pg15,14 on el9, no pg18 on el8

Version

Type	Repo	Version	PG Ver	Package	Deps
EXT	PIGSTY	`1.4`	1817161514	`sslutils`	-
RPM	PIGSTY	`1.4`	1817161514	`sslutils_$v`	-
DEB	PIGSTY	`1.4`	1817161514	`postgresql-$v-sslutils`	-

OS / PG	PG18	PG17	PG16	PG15	PG14
el8.x86_64	PIGSTY 1.4 el8.x86_64.pg18 : sslutils_18 sslutils_18-1.4-1PIGSTY.el8.x86_64.rpm PIGSTY · 1.4 · 24.4KiB	PIGSTY 1.4 el8.x86_64.pg17 : sslutils_17 sslutils_17-1.4-2PIGSTY.el8.x86_64.rpm PIGSTY · 1.4 · 24.5KiB sslutils_17-1.4-1PGDG.rhel8.x86_64.rpm PGDG · 1.4 · 24.5KiB	PIGSTY 1.4 el8.x86_64.pg16 : sslutils_16 sslutils_16-1.4-2PIGSTY.el8.x86_64.rpm PIGSTY · 1.4 · 24.5KiB sslutils_16-1.4-1PGDG.rhel8.x86_64.rpm PGDG · 1.4 · 24.5KiB	PIGSTY 1.4 el8.x86_64.pg15 : sslutils_15 sslutils_15-1.4-2PIGSTY.el8.x86_64.rpm PIGSTY · 1.4 · 24.6KiB sslutils_15-1.3-4.rhel8.x86_64.rpm PGDG · 1.3 · 49.4KiB	PIGSTY 1.4 el8.x86_64.pg14 : sslutils_14 sslutils_14-1.4-2PIGSTY.el8.x86_64.rpm PIGSTY · 1.4 · 24.5KiB sslutils_14-1.3-4.rhel8.x86_64.rpm PGDG · 1.3 · 48.9KiB
el8.aarch64	PIGSTY 1.4 el8.aarch64.pg18 : sslutils_18 sslutils_18-1.4-1PIGSTY.el8.aarch64.rpm PIGSTY · 1.4 · 23.5KiB	PIGSTY 1.4 el8.aarch64.pg17 : sslutils_17 sslutils_17-1.4-2PIGSTY.el8.aarch64.rpm PIGSTY · 1.4 · 23.6KiB sslutils_17-1.4-1PGDG.rhel8.aarch64.rpm PGDG · 1.4 · 23.4KiB	PIGSTY 1.4 el8.aarch64.pg16 : sslutils_16 sslutils_16-1.4-2PIGSTY.el8.aarch64.rpm PIGSTY · 1.4 · 23.6KiB sslutils_16-1.4-1PGDG.rhel8.aarch64.rpm PGDG · 1.4 · 23.4KiB	PIGSTY 1.4 el8.aarch64.pg15 : sslutils_15 sslutils_15-1.4-2PIGSTY.el8.aarch64.rpm PIGSTY · 1.4 · 23.6KiB	PIGSTY 1.4 el8.aarch64.pg14 : sslutils_14 sslutils_14-1.4-2PIGSTY.el8.aarch64.rpm PIGSTY · 1.4 · 23.6KiB
el9.x86_64	PIGSTY 1.4 el9.x86_64.pg18 : sslutils_18 sslutils_18-1.4-2PIGSTY.el9.x86_64.rpm PIGSTY · 1.4 · 24.8KiB sslutils_18-1.4-2PGDG.rhel9.x86_64.rpm PGDG · 1.4 · 24.5KiB	PIGSTY 1.4 el9.x86_64.pg17 : sslutils_17 sslutils_17-1.4-2PIGSTY.el9.x86_64.rpm PIGSTY · 1.4 · 24.8KiB sslutils_17-1.4-1PGDG.rhel9.x86_64.rpm PGDG · 1.4 · 24.4KiB	PIGSTY 1.4 el9.x86_64.pg16 : sslutils_16 sslutils_16-1.4-2PIGSTY.el9.x86_64.rpm PIGSTY · 1.4 · 24.8KiB sslutils_16-1.4-1PGDG.rhel9.x86_64.rpm PGDG · 1.4 · 24.4KiB	PIGSTY 1.4 el9.x86_64.pg15 : sslutils_15 sslutils_15-1.4-2PIGSTY.el9.x86_64.rpm PIGSTY · 1.4 · 24.8KiB	PIGSTY 1.4 el9.x86_64.pg14 : sslutils_14 sslutils_14-1.4-2PIGSTY.el9.x86_64.rpm PIGSTY · 1.4 · 24.8KiB
el9.aarch64	PIGSTY 1.4 el9.aarch64.pg18 : sslutils_18 sslutils_18-1.4-2PIGSTY.el9.aarch64.rpm PIGSTY · 1.4 · 23.8KiB sslutils_18-1.4-2PGDG.rhel9.aarch64.rpm PGDG · 1.4 · 23.2KiB	PIGSTY 1.4 el9.aarch64.pg17 : sslutils_17 sslutils_17-1.4-2PIGSTY.el9.aarch64.rpm PIGSTY · 1.4 · 23.8KiB sslutils_17-1.4-1PGDG.rhel9.aarch64.rpm PGDG · 1.4 · 23.3KiB	PIGSTY 1.4 el9.aarch64.pg16 : sslutils_16 sslutils_16-1.4-2PIGSTY.el9.aarch64.rpm PIGSTY · 1.4 · 23.8KiB sslutils_16-1.4-1PGDG.rhel9.aarch64.rpm PGDG · 1.4 · 23.3KiB	PIGSTY 1.4 el9.aarch64.pg15 : sslutils_15 sslutils_15-1.4-2PIGSTY.el9.aarch64.rpm PIGSTY · 1.4 · 23.9KiB	PIGSTY 1.4 el9.aarch64.pg14 : sslutils_14 sslutils_14-1.4-2PIGSTY.el9.aarch64.rpm PIGSTY · 1.4 · 23.8KiB
el10.x86_64	PIGSTY 1.4 el10.x86_64.pg18 : sslutils_18 sslutils_18-1.4-2PIGSTY.el10.x86_64.rpm PIGSTY · 1.4 · 25.8KiB sslutils_18-1.4-2PGDG.rhel10.x86_64.rpm PGDG · 1.4 · 25.6KiB	PIGSTY 1.4 el10.x86_64.pg17 : sslutils_17 sslutils_17-1.4-2PIGSTY.el10.x86_64.rpm PIGSTY · 1.4 · 25.8KiB sslutils_17-1.4-2PGDG.rhel10.x86_64.rpm PGDG · 1.4 · 25.6KiB	PIGSTY 1.4 el10.x86_64.pg16 : sslutils_16 sslutils_16-1.4-2PIGSTY.el10.x86_64.rpm PIGSTY · 1.4 · 25.8KiB sslutils_16-1.4-2PGDG.rhel10.x86_64.rpm PGDG · 1.4 · 25.7KiB	PIGSTY 1.4 el10.x86_64.pg15 : sslutils_15 sslutils_15-1.4-2PIGSTY.el10.x86_64.rpm PIGSTY · 1.4 · 25.8KiB sslutils_15-1.4-2PGDG.rhel10.x86_64.rpm PGDG · 1.4 · 25.7KiB	PIGSTY 1.4 el10.x86_64.pg14 : sslutils_14 sslutils_14-1.4-2PIGSTY.el10.x86_64.rpm PIGSTY · 1.4 · 25.8KiB sslutils_14-1.4-2PGDG.rhel10.x86_64.rpm PGDG · 1.4 · 25.8KiB
el10.aarch64	PIGSTY 1.4 el10.aarch64.pg18 : sslutils_18 sslutils_18-1.4-2PIGSTY.el10.aarch64.rpm PIGSTY · 1.4 · 24.7KiB sslutils_18-1.4-2PGDG.rhel10.aarch64.rpm PGDG · 1.4 · 24.4KiB	PIGSTY 1.4 el10.aarch64.pg17 : sslutils_17 sslutils_17-1.4-2PIGSTY.el10.aarch64.rpm PIGSTY · 1.4 · 24.7KiB sslutils_17-1.4-2PGDG.rhel10.aarch64.rpm PGDG · 1.4 · 24.4KiB	PIGSTY 1.4 el10.aarch64.pg16 : sslutils_16 sslutils_16-1.4-2PIGSTY.el10.aarch64.rpm PIGSTY · 1.4 · 24.7KiB sslutils_16-1.4-2PGDG.rhel10.aarch64.rpm PGDG · 1.4 · 24.4KiB	PIGSTY 1.4 el10.aarch64.pg15 : sslutils_15 sslutils_15-1.4-2PIGSTY.el10.aarch64.rpm PIGSTY · 1.4 · 24.8KiB sslutils_15-1.4-2PGDG.rhel10.aarch64.rpm PGDG · 1.4 · 24.5KiB	PIGSTY 1.4 el10.aarch64.pg14 : sslutils_14 sslutils_14-1.4-2PIGSTY.el10.aarch64.rpm PIGSTY · 1.4 · 24.8KiB sslutils_14-1.4-2PGDG.rhel10.aarch64.rpm PGDG · 1.4 · 24.5KiB
d12.x86_64	PIGSTY 1.4 d12.x86_64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~bookworm_amd64.deb PIGSTY · 1.4 · 37.2KiB	PIGSTY 1.4 d12.x86_64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~bookworm_amd64.deb PIGSTY · 1.4 · 36.9KiB	PIGSTY 1.4 d12.x86_64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~bookworm_amd64.deb PIGSTY · 1.4 · 37.1KiB	PIGSTY 1.4 d12.x86_64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~bookworm_amd64.deb PIGSTY · 1.4 · 37.0KiB	PIGSTY 1.4 d12.x86_64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~bookworm_amd64.deb PIGSTY · 1.4 · 37.0KiB
d12.aarch64	PIGSTY 1.4 d12.aarch64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~bookworm_arm64.deb PIGSTY · 1.4 · 35.6KiB	PIGSTY 1.4 d12.aarch64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~bookworm_arm64.deb PIGSTY · 1.4 · 35.5KiB	PIGSTY 1.4 d12.aarch64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~bookworm_arm64.deb PIGSTY · 1.4 · 35.5KiB	PIGSTY 1.4 d12.aarch64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~bookworm_arm64.deb PIGSTY · 1.4 · 35.6KiB	PIGSTY 1.4 d12.aarch64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~bookworm_arm64.deb PIGSTY · 1.4 · 35.5KiB
d13.x86_64	PIGSTY 1.4 d13.x86_64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~trixie_amd64.deb PIGSTY · 1.4 · 37.8KiB	PIGSTY 1.4 d13.x86_64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~trixie_amd64.deb PIGSTY · 1.4 · 37.5KiB	PIGSTY 1.4 d13.x86_64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~trixie_amd64.deb PIGSTY · 1.4 · 37.5KiB	PIGSTY 1.4 d13.x86_64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~trixie_amd64.deb PIGSTY · 1.4 · 37.5KiB	PIGSTY 1.4 d13.x86_64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~trixie_amd64.deb PIGSTY · 1.4 · 37.5KiB
d13.aarch64	PIGSTY 1.4 d13.aarch64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~trixie_arm64.deb PIGSTY · 1.4 · 36.1KiB	PIGSTY 1.4 d13.aarch64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~trixie_arm64.deb PIGSTY · 1.4 · 36.1KiB	PIGSTY 1.4 d13.aarch64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~trixie_arm64.deb PIGSTY · 1.4 · 36.1KiB	PIGSTY 1.4 d13.aarch64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~trixie_arm64.deb PIGSTY · 1.4 · 36.1KiB	PIGSTY 1.4 d13.aarch64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~trixie_arm64.deb PIGSTY · 1.4 · 36.0KiB
u22.x86_64	PIGSTY 1.4 u22.x86_64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~jammy_amd64.deb PIGSTY · 1.4 · 40.1KiB	PIGSTY 1.4 u22.x86_64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~jammy_amd64.deb PIGSTY · 1.4 · 42.8KiB	PIGSTY 1.4 u22.x86_64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~jammy_amd64.deb PIGSTY · 1.4 · 42.8KiB	PIGSTY 1.4 u22.x86_64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~jammy_amd64.deb PIGSTY · 1.4 · 42.9KiB	PIGSTY 1.4 u22.x86_64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~jammy_amd64.deb PIGSTY · 1.4 · 42.8KiB
u22.aarch64	PIGSTY 1.4 u22.aarch64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~jammy_arm64.deb PIGSTY · 1.4 · 38.9KiB	PIGSTY 1.4 u22.aarch64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~jammy_arm64.deb PIGSTY · 1.4 · 41.7KiB	PIGSTY 1.4 u22.aarch64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~jammy_arm64.deb PIGSTY · 1.4 · 41.7KiB	PIGSTY 1.4 u22.aarch64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~jammy_arm64.deb PIGSTY · 1.4 · 41.7KiB	PIGSTY 1.4 u22.aarch64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~jammy_arm64.deb PIGSTY · 1.4 · 41.6KiB
u24.x86_64	PIGSTY 1.4 u24.x86_64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~noble_amd64.deb PIGSTY · 1.4 · 39.4KiB	PIGSTY 1.4 u24.x86_64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~noble_amd64.deb PIGSTY · 1.4 · 39.4KiB	PIGSTY 1.4 u24.x86_64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~noble_amd64.deb PIGSTY · 1.4 · 39.4KiB	PIGSTY 1.4 u24.x86_64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~noble_amd64.deb PIGSTY · 1.4 · 39.5KiB	PIGSTY 1.4 u24.x86_64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~noble_amd64.deb PIGSTY · 1.4 · 39.5KiB
u24.aarch64	PIGSTY 1.4 u24.aarch64.pg18 : postgresql-18-sslutils postgresql-18-sslutils_1.4-2PIGSTY~noble_arm64.deb PIGSTY · 1.4 · 38.1KiB	PIGSTY 1.4 u24.aarch64.pg17 : postgresql-17-sslutils postgresql-17-sslutils_1.4-2PIGSTY~noble_arm64.deb PIGSTY · 1.4 · 38.1KiB	PIGSTY 1.4 u24.aarch64.pg16 : postgresql-16-sslutils postgresql-16-sslutils_1.4-2PIGSTY~noble_arm64.deb PIGSTY · 1.4 · 38.1KiB	PIGSTY 1.4 u24.aarch64.pg15 : postgresql-15-sslutils postgresql-15-sslutils_1.4-2PIGSTY~noble_arm64.deb PIGSTY · 1.4 · 38.2KiB	PIGSTY 1.4 u24.aarch64.pg14 : postgresql-14-sslutils postgresql-14-sslutils_1.4-2PIGSTY~noble_arm64.deb PIGSTY · 1.4 · 38.2KiB

Build

You can build the RPM / DEB packages for sslutils using pig build:

pig build pkg sslutils         # build RPM / DEB packages

Install

You can install sslutils directly. First, make sure the PGDG and PIGSTY repositories are added and enabled:

pig repo add pgsql -u          # Add repo and update cache

Install the extension using pig or apt/yum/dnf:

pig install sslutils;          # Install for current active PG version

pig ext install -y sslutils -v 18  # PG 18
pig ext install -y sslutils -v 17  # PG 17
pig ext install -y sslutils -v 16  # PG 16
pig ext install -y sslutils -v 15  # PG 15
pig ext install -y sslutils -v 14  # PG 14

dnf install -y sslutils_18       # PG 18
dnf install -y sslutils_17       # PG 17
dnf install -y sslutils_16       # PG 16
dnf install -y sslutils_15       # PG 15
dnf install -y sslutils_14       # PG 14

apt install -y postgresql-18-sslutils   # PG 18
apt install -y postgresql-17-sslutils   # PG 17
apt install -y postgresql-16-sslutils   # PG 16
apt install -y postgresql-15-sslutils   # PG 15
apt install -y postgresql-14-sslutils   # PG 14

Create Extension:

CREATE EXTENSION sslutils;

Usage

sslutils: Manage SSL certificates through SQL

sslutils is a PostgreSQL extension for managing SSL certificates through SQL commands. It provides functions to generate, inspect, and manage SSL/TLS certificates directly within the database.

CREATE EXTENSION sslutils;

Functions

The extension provides SQL functions for SSL certificate management:

Function	Description
`openssl_rsa_generate_key(bits int)`	Generate an RSA private key
`openssl_rsa_key_to_csr(key text, cn text, ...)`	Generate a Certificate Signing Request
`openssl_csr_to_crt(csr text, ca_key text, ca_crt text)`	Sign a CSR to produce a certificate
`openssl_rsa_generate_crl(ca_key text, ca_crt text)`	Generate a Certificate Revocation List
`ssl_is_init_fn()`	Check if SSL is initialized
`ssl_get_cipher_fn()`	Get current SSL cipher
`ssl_get_version_fn()`	Get current SSL version

Typical Workflow

-- Generate a CA private key
SELECT openssl_rsa_generate_key(2048);

-- Create a self-signed CA certificate
-- Generate server key and CSR
-- Sign the CSR with the CA

This extension is useful for automating SSL certificate provisioning in managed PostgreSQL environments.

Feedback

Was this page helpful?

Thanks for the feedback! Please let us know how we can improve.

Sorry to hear that. Please let us know how we can improve.

Last Modified 2026-03-12: add pg extension catalog (95749bf)