Make postgresql replication client sslmode configurable
Currently, there's no way to set up the recovery.conf
file with the correct sslmode
before replication takes place. You have to run this command and then edit recovery.conf manually (possibly while replication is proceeding!)
I've set the default to verify-full
as the most secure setting. If users want to use verify-ca
or prefer
(postgresql default), they can specify it explicitly.
Since this command is only run once, I don't think there are any backward-incompatibility issues to consider.
Related to #2925 (closed)
Edited by GitLab Release Tools Bot