On 02/02/2012 05:15 PM, Mario Splivalo wrote: > On 02/02/2012 05:16 PM, Tom Lane wrote: >> Mario Splivalo <mario.splivalo@xxxxxxxxxx> writes: >>> I have these errors in my log files, occurring very often: >>> 2012-02-02 01:05:53 CST [4103]: [2-1] user=,db= FATAL: could not >>> receive data from WAL stream: SSL error: sslv3 alert unexpected message >> >> Google suggests that this might be caused by version or configuration >> mismatches between openssl libraries on the master and slave machines. >> One particular thing I'm wondering about is whether your openssl >> libraries deal with the SSL renegotiation bug sanely (ie they've got >> a fix for it that's less brain-dead than breaking the connection). > > Is there a way I can force replication over non-ssl channel? All those > boxes are in my private network and ssl is a bit overhead there anyhow. Reading the docs, it shouldn't use SSL when connecting. Here is my recovery.conf on the slave: standby_mode = 'on' primary_conninfo = 'host=10.21.32.22 port=5432 user=replication password=ueberseecret' # ded803 trigger_file = '/var/run/pg-trigger' And here is excerpt from pg_hba.conf on master: root@ded803:~# grep repl /etc/postgresql/9.1/main/pg_hba.conf | grep -v ^# host replication replication 10.21.32.82/32 md5 host postgres replication 10.21.32.82/32 md5 (The second entry is for munin plugin on slave used to trend the slave lag.) Mario -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
