I was able to find out the issue. The firewall between the server and clients refused to allow SSL traffic over port 5432. Once allowing SSL via port 5432 it started working.
From: Peter J. Holzer Sent: Friday, May 26, 2023 3:17 AM To: pgsql-general@xxxxxxxxxxxxxxxxxxxx Subject: Re: Having issue with SSL. On 2023-05-24 21:02:04 +0000, Randy Needham wrote:
> The problem I am running into is my remote client can't connect via SSL to > postgrsql. I am able to from the server itself. This is using pgAdmin 4 and > making ssl mode as required. Also ran psql.exe on the server to show that SSL > was in fact working on the server. "SSL connection (protocol: TLSv1.3, cipher: > TLS_AES_256_GCM_SHA384, bits: 256, compression: off)". In the logs it is > showing this when I try to connect via my remote client. > > [2672] LOG: could not accept SSL connection: An existing connection was > forcibly closed by the remote host. > > The error from pgAdmin 4 on the remote client is this. > > connection failed: server closed the connection unexpectedly This probably > means the server terminated abnormally before or while processing the request. > SSL SYSCALL error: Connection reset by peer (0x00002746/100054) So both the server and the client claim that the connection was terminated by the other side? I suspect that the server and client cannot agree on a common cypher. But if both are reasonably up to date that shouldn't happen (it can happen if the SSL library on your server is much older than that on your client or vice versa). Can you use wireshark (or something similar) to record the session and see where in the protocol they give up? hp -- _ | Peter J. Holzer | Story must make more sense than reality. |_|_) | | | | | hjp@xxxxxx | -- Charles Stross, "Creative writing __/ | http://www.hjp.at/ | challenge!" |