Thread: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
Ubuntu 18.04.6 LTS (GNU/Linux 4.15.0-167-generic x86_64)
OpenSSL 1.1.1 11 Sep 2018
Sometimes i see this in postgres logs
Found some similar threads, but not sure
https://github.com/modoboa/modoboa/issues/1702
https://postgrespro.com/list/thread-id/2585389
How i can to debug this?
2023-02-22 00:43:38.570 MSK [27636] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27631] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27639] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27642] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27643] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27627] [unknown]@[unknown] LOG: could not accept SSL connection: Connection reset by peer
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
Feb 21, 2023 @ 23:43:38.001
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
Feb 21, 2023 @ 23:43:38.001
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
here is my postgres config
cat /etc/postgresql/12/main/postgresql.conf
data_directory = '/var/lib/postgresql/12/main'
hba_file = '/etc/postgresql/12/main/pg_hba.conf'
ident_file = '/etc/postgresql/12/main/pg_ident.conf'
external_pid_file = '/var/run/postgresql/12-main.pid'
listen_addresses = '*'
port = 5432
max_connections = 10000
unix_socket_directories = '/var/run/postgresql'
ssl = on
ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'
shared_buffers = 4GB
temp_buffers = 8MB
work_mem = 128MB
maintenance_work_mem = 128MB
dynamic_shared_memory_type = posix
bgwriter_lru_maxpages = 0
effective_io_concurrency = 3
wal_level = hot_standby
checkpoint_completion_target = 0.9
archive_mode = on
archive_command = '/bin/true'
archive_timeout = 300
max_standby_archive_delay = 21600
max_standby_streaming_delay = 21600
I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?
Re: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
I already send this to general list, may be i need to post in adminUbuntu 18.04.6 LTS (GNU/Linux 4.15.0-167-generic x86_64)
OpenSSL 1.1.1 11 Sep 2018
Sometimes i see this in postgres logs
Found some similar threads, but not sure
https://github.com/modoboa/modoboa/issues/1702
https://postgrespro.com/list/thread-id/2585389
How i can to debug this?
2023-02-22 00:43:38.570 MSK [27636] [unknown]@[unknown] LOG: could not accept SSL connection: Success 2023-02-22 00:43:38.570 MSK [27631] [unknown]@[unknown] LOG: could not accept SSL connection: Success 2023-02-22 00:43:38.570 MSK [27639] [unknown]@[unknown] LOG: could not accept SSL connection: Success 2023-02-22 00:43:38.570 MSK [27642] [unknown]@[unknown] LOG: could not accept SSL connection: Success 2023-02-22 00:43:38.570 MSK [27643] [unknown]@[unknown] LOG: could not accept SSL connection: Success 2023-02-22 00:43:38.570 MSK [27627] [unknown]@[unknown] LOG: could not accept SSL connection: Connection reset by peer
CRITICAL PDOException SQLSTATE[08006] [7] timeout expired PDOException /var/log/web/hub2.log Feb 21, 2023 @ 23:43:38.001 CRITICAL PDOException SQLSTATE[08006] [7] timeout expired PDOException /var/log/web/hub2.log Feb 21, 2023 @ 23:43:38.001 CRITICAL PDOException SQLSTATE[08006] [7] timeout expired PDOException /var/log/web/hub2.loghere is my postgres config
cat /etc/postgresql/12/main/postgresql.conf data_directory = '/var/lib/postgresql/12/main' hba_file = '/etc/postgresql/12/main/pg_hba.conf' ident_file = '/etc/postgresql/12/main/pg_ident.conf' external_pid_file = '/var/run/postgresql/12-main.pid' listen_addresses = '*' port = 5432 max_connections = 10000 unix_socket_directories = '/var/run/postgresql' ssl = on ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' shared_buffers = 4GB temp_buffers = 8MB work_mem = 128MB maintenance_work_mem = 128MB dynamic_shared_memory_type = posix bgwriter_lru_maxpages = 0 effective_io_concurrency = 3 wal_level = hot_standby checkpoint_completion_target = 0.9 archive_mode = on archive_command = '/bin/true' archive_timeout = 300 max_standby_archive_delay = 21600 max_standby_streaming_delay = 21600
I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?
I am not sure what causes the problem, but some hints anyway:
max_connections = 10000
seems very high to me. In case you really have so many clients, consider using a connection pooler.
archive_mode = on archive_command = '/bin/true' archive_timeout = 300
This is awkward. If you want archiving, use a command which does archiving, not /bin/true, which does nothing. Otherwise, turn archiving off and leave archive_command empty.
Kind Regards,
Holger
-- Holger Jakobs, Bergisch Gladbach, Tel. +49-178-9759012
Attachment
Re: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
On May 4, 2023, at 4:16 AM, Holger Jakobs <holger@jakobs.com> wrote:archive_mode = on archive_command = '/bin/true' archive_timeout = 300
This is awkward. If you want archiving, use a command which does archiving, not /bin/true, which does nothing. Otherwise, turn archiving off and leave archive_command empty.
Re: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
On May 4, 2023, at 4:16 AM, Holger Jakobs <holger@jakobs.com> wrote:
shared_buffers = 4GB temp_buffers = 8MB work_mem = 128MB maintenance_work_mem = 128MB dynamic_shared_memory_type = posix bgwriter_lru_maxpages = 0 effective_io_concurrency = 3 wal_level = hot_standby checkpoint_completion_target = 0.9 archive_mode = on archive_command = '/bin/true' archive_timeout = 300 max_standby_archive_delay = 21600 max_standby_streaming_delay = 21600
I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?I am not sure what causes the problem, but some hints anyway:
max_connections = 10000
seems very high to me. In case you really have so many clients, consider using a connection pooler.
Re: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
Eg.
hostssl all all 0.0.0.0/0 md5
I already send this to general list, may be i need to post in adminUbuntu 18.04.6 LTS (GNU/Linux 4.15.0-167-generic x86_64)
OpenSSL 1.1.1 11 Sep 2018
Sometimes i see this in postgres logs
Found some similar threads, but not sure
https://github.com/modoboa/modoboa/issues/1702
https://postgrespro.com/list/thread-id/2585389
How i can to debug this?
2023-02-22 00:43:38.570 MSK [27636] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27631] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27639] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27642] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27643] [unknown]@[unknown] LOG: could not accept SSL connection: Success
2023-02-22 00:43:38.570 MSK [27627] [unknown]@[unknown] LOG: could not accept SSL connection: Connection reset by peerCRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
Feb 21, 2023 @ 23:43:38.001
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.log
Feb 21, 2023 @ 23:43:38.001
CRITICAL
PDOException
SQLSTATE[08006] [7] timeout expired
PDOException
/var/log/web/hub2.loghere is my postgres config
cat /etc/postgresql/12/main/postgresql.conf data_directory = '/var/lib/postgresql/12/main' hba_file = '/etc/postgresql/12/main/pg_hba.conf' ident_file = '/etc/postgresql/12/main/pg_ident.conf' external_pid_file = '/var/run/postgresql/12-main.pid' listen_addresses = '*' port = 5432 max_connections = 10000 unix_socket_directories = '/var/run/postgresql' ssl = on ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem' ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key' shared_buffers = 4GB temp_buffers = 8MB work_mem = 128MB maintenance_work_mem = 128MB dynamic_shared_memory_type = posix bgwriter_lru_maxpages = 0 effective_io_concurrency = 3 wal_level = hot_standby checkpoint_completion_target = 0.9 archive_mode = on archive_command = '/bin/true' archive_timeout = 300 max_standby_archive_delay = 21600 max_standby_streaming_delay = 21600
I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?
Re: iso-8859-1 postgres ssl error "could not accept SSL connection: Success" and timeout
Hi Sergey,Please ensure the pg_hba.conf has enabled the SSL.
Eg.
hostssl all all 0.0.0.0/0 md5
It's not necessary to use hostssl records, host records will do as well. In an SSL environment, hostssl makes sense, though. But it doesn't help in tracking down the problem.
But - if your version supports it - use scram-sha-256 and not md5.
And don't allow access to all databases by all users from any IP address.
For testing purposes this may ok, but not in real life.
If pg_hba settings were the problem, they would show up clearly as such in the log, but that's obivously not the case.
Regards,
Holger
-- Holger Jakobs, Bergisch Gladbach, Tel. +49-178-9759012