Thread: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
From
Sergey Cherevko
Date:
Ubuntu 18.04.6 LTS (GNU/Linux 4.15.0-167-generic x86_64)
OpenSSL 1.1.1 11 Sep 2018
Sometimes i see this in postgres logs
Found some similar threads, but not sure
https://github.com/modoboa/modoboa/issues/1702
https://postgrespro.com/list/thread-id/2585389
How i can to debug this?
2023-02-22 00:43:38.570 MSK [27636] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27631] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27639] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27642] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27643] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27627] [unknown]@[unknown] LOG: could not accept SSL connection: Connection reset by peer
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
Feb 21, 2023 @ 23:43:38.001
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
Feb 21, 2023 @ 23:43:38.001
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
here is my postgres config
cat /etc/postgresql/12/main/postgresql.conf
data_directory = '/var/lib/postgresql/12/main'
hba_file = '/etc/postgresql/12/main/pg_hba.conf'
ident_file = '/etc/postgresql/12/main/pg_ident.conf'
external_pid_file = '/var/run/postgresql/12-main.pid'
listen_addresses = '*'
port = 5432
max_connections = 10000
unix_socket_directories = '/var/run/postgresql'
ssl = on
ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'
shared_buffers = 4GB
temp_buffers = 8MB
work_mem = 128MB
maintenance_work_mem = 128MB
dynamic_shared_memory_type = posix
bgwriter_lru_maxpages = 0
effective_io_concurrency = 3
wal_level = hot_standby
checkpoint_completion_target = 0.9
archive_mode = on
archive_command = '/bin/true'
archive_timeout = 300
max_standby_archive_delay = 21600
max_standby_streaming_delay = 21600
I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?
Re: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
From
Jeff Janes
Date:
On Wed, May 3, 2023 at 9:54 AM Sergey Cherevko <scherevko@scorewarrior.com> wrote:
Ubuntu 18.04.6 LTS (GNU/Linux 4.15.0-167-generic x86_64)
OpenSSL 1.1.1 11 Sep 2018
Sometimes i see this in postgres logs
So, your system is working normally most of the time? Or is it working normally all of the time, and you just get occasional extra log messages of unknown origin?
It could be informative to add %r to the log_line_prefix, so you would know where these connections are coming from.
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
I don't recognize the above (client?) log format. What is it from? Does it correspond exactly to the entries in the PostgreSQL log? The time stamps seem off, the wording doesn't suggest to me that they are just different ends of the same error, and the count of errors in one log doesn't agree with the count in the other (6 vs 3).
I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?
I wouldn't expect that to help. But how did you install it in the first place? Ubuntu 18.04 generally provides PostgreSQL 10, not 12, so you must have done something non-default to get where you are.
In my experience, this (poorly worded) error comes from the client initiating an ssl connection, but then not finishing the ssl negotiations. For example, PGSSLMODE is set to verify-ca or above, but the client has no root.crt file present.
Cheers,
Jeff