minfrin@sharp.fm writes:
> I am having trouble on an Ubuntu Xenial machine where the out-the-box psql
> refuses to connect to the out-the-box postgresql over SSL. The same setup
> worked on Ubuntu Trusty.
> Debugging reveals that the cipher list sent by the libpg client is too long
> (greater than 255 bytes), and this causes the postgresql server to slam down
> the phone, or it derails the client side enough that a bogus message "tlsv1
> alert unknown ca" is returned by the client.
This seems like an OpenSSL bug, not a Postgres bug. libpq doesn't do
anything that determines cipher lists.
regards, tom lane
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs