Home > mailing lists

Re: Feature request: A method to configure client-side TLS ciphers for streaming replication - Mailing list pgsql-general

From	Ron Johnson
Subject	Re: Feature request: A method to configure client-side TLS ciphers for streaming replication
Date	August 26 15:59:39
Msg-id	CANzqJaBirEU9ZNZdSSPKRW7Hm9LrXCYOcH62=bppzOr6-AvGVg@mail.gmail.com Whole thread Raw
In response to	Feature request: A method to configure client-side TLS ciphers for streaming replication (xx Z <xxz030811@gmail.com>)
Responses	Re: Feature request: A method to configure client-side TLS ciphers for streaming replication
List	pgsql-general

Tree view

On Tue, Aug 26, 2025 at 3:28 AM xx Z <xxz030811@gmail.com> wrote:

Hello PostgreSQL community,

I have a question regarding the configuration of streaming replication.

When setting up streaming replication over TLS, I've noticed that while the primary server can restrict its supported encryption algorithms using the ssl_ciphers parameter, there doesn't seem to be a corresponding method for the standby (client) side of the replication connection. The standby appears to use all the default ciphers supported by the system's OpenSSL library.

What is a "standby (client)"?

Postgresql version: 15.2

That's missing 12 sets (three years) of bug fixes. When using RPM or .deb packages, updating takes only a few minutes.

Death to <Redacted>, and butter sauce.

Don't boil me, I'm still alive.

<Redacted> lobster!

pgsql-general by date:

From: Ron Johnson
Date: 26 August, 15:53:37
Subject: Re: DISABLE TRIGGER doc wrong?

From: Siraj G
Date: 26 August, 16:00:34
Subject: DMS error where postgres is the destination

Re: Feature request: A method to configure client-side TLS ciphers for streaming replication - Mailing list pgsql-general

Previous

Next