Home > mailing lists

Re: PostgreSQL SSL params - Mailing list pgsql-admin

From	pramod kg
Subject	Re: PostgreSQL SSL params
Date	June 14, 2021 06:43:31
Msg-id	CAHkcXnwwJa2ZSFLsxYn+4S5mF8d7ODYFe5QNMD522NeZ08MG4Q@mail.gmail.com Whole thread Raw
In response to	Re: PostgreSQL SSL params (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-admin

Tree view

Should it be combination of
'HIGH:!aNULL' ??

Regards,

Pramod

On Sun, 13 Jun 2021, 20:34 Tom Lane, <tgl@sss.pgh.pa.us> wrote:

pramod kg <pramod11287@gmail.com> writes:
> I have enabled ssl on my PG servers and have set ssl_cipher to "HIGH".
> Still, the security team complains that weak ciphers are accepted at server
> side (They have run some security tests).

The default setting of that is

#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers

Perhaps the problem is your ill-advised removal of the !aNULL part.

regards, tom lane

pgsql-admin by date:

From: Wells Oliver
Date: 14 June 2021, 01:15:59
Subject: pg_restore can't re-mat mat view that uses a function which depends on another mat view

From: Tom Lane
Date: 14 June 2021, 09:00:44
Subject: Re: pg_restore can't re-mat mat view that uses a function which depends on another mat view

Re: PostgreSQL SSL params - Mailing list pgsql-admin

Previous

Next