pramod kg <pramod11287@xxxxxxxxx> writes: > I have enabled ssl on my PG servers and have set ssl_cipher to "HIGH". > Still, the security team complains that weak ciphers are accepted at server > side (They have run some security tests). The default setting of that is #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers Perhaps the problem is your ill-advised removal of the !aNULL part. regards, tom lane
