From 764cb7c8b020fe41191ab338c5592727406ed5a1 Mon Sep 17 00:00:00 2001
From: Joerg Sonnenberger <joerg@bec.de>
Date: Tue, 13 Feb 2024 01:03:06 +0100
Subject: [PATCH 1/2] Allow SERVER_TYPE=postgres

Verifying PostgreSQL certificates requires setting the protocol type for s_client as it is not plain TLS, but behaving more like StartTLS in other protocols.
---
 getssl | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/getssl b/getssl
index 30d8837b..f3cb2481 100755
--- a/getssl
+++ b/getssl
@@ -2438,6 +2438,9 @@ set_server_type() { # uses SERVER_TYPE to set REMOTE_PORT and REMOTE_EXTRA
     REMOTE_PORT=5269
   elif [[ ${SERVER_TYPE} == "ldaps" ]]; then
     REMOTE_PORT=636
+  elif [[ ${SERVER_TYPE} == "postgres" ]]; then
+    REMOTE_PORT=5432
+    REMOTE_EXTRA="-starttls postgres"
   elif [[ ${SERVER_TYPE} =~ ^[0-9]+$ ]]; then
     REMOTE_PORT=${SERVER_TYPE}
   else

From d8647eff7a30f49df240fbf76599662583f4ebdb Mon Sep 17 00:00:00 2001
From: Joerg Sonnenberger <joerg@bec.de>
Date: Wed, 14 Feb 2024 01:17:28 +0100
Subject: [PATCH 2/2] Update README.md for SERVER_TYPE=postgres

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index fdff2577..0837df08 100644
--- a/README.md
+++ b/README.md
@@ -513,6 +513,7 @@ these are available in getssl to check if the certificate is installed correctly
 | xmpp             | 5222 | StartTLS     |
 | xmpps            | 5269 |              |
 | ldaps            | 636  |              |
+| postgres         | 5432 |              |
 | port number      |      |              |
 
 ## Revoke a certificate