Mercurial > hg > orthanc-book

changeset 181:c7551e19ae95

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslmode
author Sebastien Jodogne <s.jodogne@gmail.com>
date Thu, 10 Jan 2019 14:15:06 +0100
parents 4b4ede94381e
children 6ddc98c305cd
files Sphinx/source/plugins/postgresql.rst
diffstat 1 files changed, 18 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/Sphinx/source/plugins/postgresql.rst	Mon Dec 24 13:51:48 2018 +0100
+++ b/Sphinx/source/plugins/postgresql.rst	Thu Jan 10 14:15:06 2019 +0100
@@ -95,7 +95,8 @@
       "Port" : 5432,
       "Database" : "orthanc",
       "Username" : "orthanc",
-      "Password" : "orthanc"
+      "Password" : "orthanc",
+      "EnableSsl" : false     // New in version 3.0
     },
     "Plugins" : [
       "/home/user/orthanc-databases/BuildPostgreSQL/libOrthancPostgreSQLIndex.so",
@@ -107,7 +108,7 @@
 be explicitly set to ``true``, otherwise Orthanc will continue to use
 its default SQLite back-end and the filesystem storage area.
 
-**Remark:** When using the ``Storage`` PostgreSQL plugin, the DICOM
+**Remark 1:** When using the ``Storage`` PostgreSQL plugin, the DICOM
 files are stored as large objects in the database.  This might
 actually consume more space than the DICOM file itself.  We have
 observed overhead up to 40%.  However, it seems this overhead is
@@ -115,9 +116,20 @@
 <https://groups.google.com/d/msg/orthanc-users/pPzHOpb--iw/QkKZ808gIgAJ>`__
 on the Orthanc Users group for more info).
 
-Note that a typical usage of the PostgreSQL plugin is to enable only
-the ``Index``, and to use the default filesystem storage for DICOM
-files.
+**Remark 2:** A typical usage of the PostgreSQL plugin is to enable
+only the ``Index``, and to use the default filesystem storage for
+DICOM files (on a NAS with proper disaster recovery strategies). This
+setup provides best performance for large-scale databases.
+
+**Remark 3:** Setting the ``EnableSsl`` to ``true`` forces the use of
+`SSL connections
+<https://www.postgresql.org/docs/current/libpq-ssl.html>`__ between
+Orthanc and the PostgreSQL server. It is a synonym for
+``sslmode=require`` in connections URI (see below). Setting
+``EnableSsl`` to ``false`` corresponds to ``sslmode=disable``
+(i.e. SSL is not used, even if it is both available in Orthanc and
+PostgreSQL). To choose other values for the SSL mode (i.e. ``allow``
+and ``prefer``), please use connection URIs.
 
 
 
@@ -152,7 +164,7 @@
     "PostgreSQL" : {
       "EnableIndex" : true,
       "EnableStorage" : true,
-      "ConnectionUri" : "postgresql://username:password@localhost:5432/database"
+      "ConnectionUri" : "postgresql://username:password@localhost:5432/database?sslmode=prefer"
     },
     "Plugins" : [
       "/home/user/orthanc-databases/BuildPostgreSQL/libOrthancPostgreSQLIndex.so",