Search Postgresql Archives

Re: pgpool ssl handshake failure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 10/15/2015 09:36 AM, AI Rumman wrote:

I configured Postgresql 9.4 and still getting the same error.


Configured what?

Or more to the point what is ssl_renegotiation_limit set to?



Thanks.

On Thu, Oct 15, 2015 at 7:16 AM, Adrian Klaver
<adrian.klaver@xxxxxxxxxxx <mailto:adrian.klaver@xxxxxxxxxxx>> wrote:

    On 10/15/2015 06:59 AM, AI Rumman wrote:

        Hi,

        I am using pgpool-II version 3.4.3 (tataraboshi).
        Where my database is Postgresql 8.4.


    Probably already know, but 8.4 is approximately 1.25 years beyond EOL:

    http://www.postgresql.org/support/versioning/


        I am trying to configure ssl mode from client and between pgpool and
        database it is non-ssl.


    What is non-ssl, the database or pgpool?

        I configured as document and now I am getting this in my log:

             /2015-10-13 22:17:58: pid 1857: LOG:  new connection received
             //2015-10-13 22:17:58: pid 1857: DETAIL:  connecting
        host=10.0.0.5
             port=65326
             //2015-10-13 22:17:58: pid 1857: LOG:  pool_ssl:
        "SSL_read": "ssl
             handshake failure"
             //2015-10-13 22:17:58: pid 1857: ERROR:  unable to read
        data from
             frontend
             //2015-10-13 22:17:58: pid 1857: DETAIL:  socket read
        failed with an
             error "Success"/

        Please let me know what wrong I am doing.


    Not quite sure but given the below from the 9.5 Release Notes:

    "
    Remove server configuration parameter ssl_renegotiation_limit, which
    was deprecated in earlier releases (Andres Freund)

    While SSL renegotiation is a good idea in theory, it has caused
    enough bugs to be considered a net negative in practice, and it is
    due to be removed from future versions of the relevant standards. We
    have therefore removed support for it from PostgreSQL."

    I would check to see what  ssl_renegotiation_limit is set to:

    http://www.postgresql.org/docs/8.4/static/runtime-config-connection.html

    and if it is not set to 0, then try that.



        Thanks & Regards.



    --
    Adrian Klaver
    adrian.klaver@xxxxxxxxxxx <mailto:adrian.klaver@xxxxxxxxxxx>





--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx


--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux