Re: How to configure client-side TLS ciphers for streaming replication?

From: Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at>
To: xx Z <xxz030811(at)gmail(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: How to configure client-side TLS ciphers for streaming replication?
Date: 2025-08-26 12:16:58
Message-ID: 743186f112b705eb80ba1d03fc2b41f35356dc5e.camel@cybertec.at
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Tue, 2025-08-26 at 19:48 +0800, xx Z wrote:
> Is there a way for a streaming replication standby (client) to restrict its list
> of supported TLS ciphers, similar to how the ssl_ciphers parameter works on the
> primary server?
> We need this for security compliance but can't find an equivalent setting for
> the client-side connection in primary_conninfo.

I don't think that there is a way to do that on the client side.
But the streaming replication primary is surely under your control, so it should
be sufficient to set "ssl_siphers" there.

Yours,
Laurenz Albe

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message xx Z 2025-08-26 12:34:59 Re: How to configure client-side TLS ciphers for streaming replication?
Previous Message xx Z 2025-08-26 11:48:44 How to configure client-side TLS ciphers for streaming replication?