Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vXqbR-007Rbr-0y for pgsql-docs@arkaria.postgresql.org; Tue, 23 Dec 2025 00:50:18 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1vXqbQ-00Gs7b-0k for pgsql-docs@arkaria.postgresql.org; Tue, 23 Dec 2025 00:50:17 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vXqbP-00Gs7T-3D for pgsql-docs@lists.postgresql.org; Tue, 23 Dec 2025 00:50:16 +0000 Received: from momjian.us ([72.94.173.45]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vXqbO-002CpC-0d for pgsql-docs@lists.postgresql.org; Tue, 23 Dec 2025 00:50:16 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=momjian.us; s=2025010100; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description; bh=FgIN1eHelzRxNT5JHMI865HG5/1CybMHYM5NHAipxNs=; b=T8Bhg FwGU5xerTxc2E3d08pdt9xR7si+IQ9jEQzLaS4SH+IumogUGqCHiU/TZcVC11UoRwBmA3WU6/O+BA YtZ04gpd1q7Y2MaqCbNv/ZOKAhnY46pSUwmYMaAANxbgXCZB+VHGboXANlR7u4grwJKeMFqBpRMVc BNGQ/BXxTkV7bgkqA3XwFIKJa9xysFTYHBeuspYXji6wsuWCzBAfCciNUL2+AiWm8fIqJGOMcPfqe PGHEtw0CeJ8OM3hV7slpML6mUlBt8uLXtcNNmjQG/ymdDSI9QvUyx3qMBYpeSKWAU9K8NbQ0Bq60d tJxeNmSlW9ZO656rCy1fIn5IDUnxQ==; Received: from bruce by momjian.us with local (Exim 4.98.2) (envelope-from ) id 1vXqbM-0000000ErOi-1ZRI; Mon, 22 Dec 2025 19:50:12 -0500 Date: Mon, 22 Dec 2025 19:50:12 -0500 From: Bruce Momjian To: Tom Lane Cc: colinthart@gmail.com, pgsql-docs@lists.postgresql.org Subject: Re: Which parameters are only used on startup? Message-ID: References: <176414965817.802.9539749613450037479@wrigleys.postgresql.org> <651983.1766449750@sss.pgh.pa.us> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <651983.1766449750@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Mon, Dec 22, 2025 at 07:29:10PM -0500, Tom Lane wrote: > Bruce Momjian writes: > > On Wed, Nov 26, 2025 at 09:34:18AM +0000, PG Doc comments form wrote: > >> Clarify that ssl_cert_file and ssl_key_file are only read on startup -- > >> implying that the params can be changed and the files moved to the new > >> location/name without requiring a restart. Of course a restart is good to > >> validate that the params and files are configured correctly. > > > The docs say that you can only change this in postgresql.conf or on the > > command line. Changes to postgresql.conf requires pg_ctl reload or > > something similar. > > The actual problem with this change request is that it's wrong. > We've supported changing ssl_cert_file --- either the GUC value > or the file contents --- via "pg_ctl reload" or equivalent for > years now (cf. commits de41869b6, 6667d9a6d). So I don't see > anything wrong with the docs text as it stands. I had trouble parsing his text too but I think the original poster's point was that changing these values don't affect a connected session. When the original poster says restart, I think he/she means restart the session, not the postmaster, but I am not 100% clear on that either. -- Bruce Momjian https://momjian.us EDB https://enterprisedb.com Do not let urgent matters crowd out time for investment in the future.