Merge pull request #272361 from GennadNY/gennadyk9076

prmerger-automator[bot] · web-flow · commit 14869dbe867e · 2024-04-17T15:23:59.000Z
Update concepts-networking-ssl-tls.md
diff --git a/articles/postgresql/flexible-server/concepts-networking-ssl-tls.md b/articles/postgresql/flexible-server/concepts-networking-ssl-tls.md
@@ -112,7 +112,7 @@ Microsoft RSA Root Certificate Authority 2017  https://www.microsoft.com/pkiops/
 * Optionally, to prevent future disruption, it's also recommended to add the following roots to the trusted store:
   Microsoft ECC Root Certificate Authority 2017 - https://www.microsoft.com/pkiops/certs/Microsoft%20ECC%20Root%20Certificate%20Authority%202017.crt
 
-Detailed information on updating client applications certificate stores with new Root CA certificates has been documented in this [tutorial](../flexible-server/how-to-update-client-certificates-java.md). 
+Detailed information on updating client applications certificate stores with new Root CA certificates has been documented in this **[tutorial](../flexible-server/how-to-update-client-certificates-java.md)**. 
 
 ### Read Replicas with certificate pinning scenarios
 
@@ -124,6 +124,17 @@ Therefore, for clients that use **verify-ca** and **verify-full** sslmode config
 > [!NOTE]
 > Azure Database for PostgreSQL - Flexible server doesn't support [certificate based authentication](https://www.postgresql.org/docs/current/auth-cert.html) at this time.
 
+### Testing client certificates by connecting with psql in certificate pinning scenarios
+
+You can use psql command line from your client to test connectivity to the server in  certificate pinning scenarios, as shown in example below:
+
+```bash
+
+$ psql "host=hostname.postgres.database.azure.com port=5432 user=myuser dbname=mydatabase sslmode=verify-full sslcert=client.crt sslkey=client.key sslrootcert=ca.crt"
+
+```
+For more on ssl and certificate parameters you can follow [psql documentation](https://www.postgresql.org/docs/current/app-psql.html)
+
 ## Testing SSL/TLS Connectivity
 
 Before trying to access your SSL enabled server from client application, make sure you can get to it via psql. You should see output similar to the following if you  established an SSL connection.
