Home > mailing lists

Re: Direct SSL connection with ALPN and HBA rules - Mailing list pgsql-hackers

From	Jacob Champion
Subject	Re: Direct SSL connection with ALPN and HBA rules
Date	May 14 20:14:38
Msg-id	CAOYmi+kuXZTA-_RR_HocVia38dt0O1T3K7quUuVV+mbFD0jw9w@mail.gmail.com Whole thread Raw
In response to	Re: Direct SSL connection with ALPN and HBA rules (Jacob Champion <jacob.champion@enterprisedb.com>)
List	pgsql-hackers

Tree view

On Mon, Apr 29, 2024 at 11:04 AM Jacob Champion
<jacob.champion@enterprisedb.com> wrote:
> On Fri, Apr 26, 2024 at 3:51 PM Heikki Linnakangas <hlinnaka@iki.fi> wrote:
> > Unfortunately the error message you got in the client with that was
> > horrible (I modified the server to not accept the 'postgresql' protocol):
> >
> > psql "dbname=postgres sslmode=require host=localhost"
> > psql: error: connection to server at "localhost" (::1), port 5432
> > failed: SSL error: SSL error code 167773280
>
> <long sigh>
>
> I filed a bug upstream [1].

I think this is on track to be fixed in a future set of OpenSSL 3.x
releases [2]. We'll still need to carry the workaround while we
support 1.1.1.

--Jacob

[2] https://github.com/openssl/openssl/pull/24351

pgsql-hackers by date:

From: Robert Haas
Date: 14 May, 20:07:40
Subject: Re: A wrong comment about search_indexed_tlist_for_var

From: Nathan Bossart
Date: 14 May, 20:33:21
Subject: Re: An improved README experience for PostgreSQL

Re: Direct SSL connection with ALPN and HBA rules - Mailing list pgsql-hackers

Previous

Next