doc: Clarify passphrase command reloading on Windows

danielgustafsson · danielgustafsson · commit 54ba4a66fdc4 · 2025-11-26T14:24:04.000+01:00
When running on Windows (or EXEC_BACKEND) the SSL configuration will be reloaded on each backend start, so the passphrase command will be reloaded along with it. This implies that passphrase command reload must be enabled on Windows for connections to work at all. Document this since it wasn't mentioned explicitly, and will there add markup for parameter value to match the rest of the docs. Backpatch to all supported versions. Author: Daniel Gustafsson <daniel@yesql.se> Reviewed-by: Chao Li <li.evan.chao@gmail.com> Reviewed-by: Álvaro Herrera <alvherre@kurilemu.de> Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Discussion: https://postgr.es/m/5F301096-921A-427D-8EC1-EBAEC2A35082@yesql.se Backpatch-through: 14
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
@@ -1647,14 +1647,20 @@ include_dir 'conf.d'
         This parameter determines whether the passphrase command set by
         <varname>ssl_passphrase_command</varname> will also be called during a
         configuration reload if a key file needs a passphrase.  If this
-        parameter is off (the default), then
+        parameter is <literal>off</literal> (the default), then
         <varname>ssl_passphrase_command</varname> will be ignored during a
         reload and the SSL configuration will not be reloaded if a passphrase
         is needed.  That setting is appropriate for a command that requires a
         TTY for prompting, which might not be available when the server is
         running.  Setting this parameter to on might be appropriate if the
         passphrase is obtained from a file, for example.
        </para>
+       <para>
+        This parameter must be set to <literal>on</literal> when running on
+        <systemitem class="osname">Windows</systemitem> since all connections
+        will perform a configuration reload due to the different process model
+        of that platform.
+       </para>
        <para>
         This parameter can only be set in the <filename>postgresql.conf</filename>
         file or on the server command line.
