| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, PostgreSQL WWW <pgsql-www(at)lists(dot)postgresql(dot)org>, Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Subject: | Re: buildfarm server suddenly not talking to old SSL stacks? |
| Date: | 2018-07-17 18:00:44 |
| Message-ID: | CABUevEzggC4gSTv9m=0o2p4S98+qEpmaz_EV2RBR2tzoxfVU_Q@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
On Tue, Jul 17, 2018 at 7:51 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
> > On Tue, Jul 17, 2018 at 7:29 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >> Both machines show the same behavior with curl:
> >> $ curl https://buildfarm.postgresql.org/branches_of_interest.txt
> >> curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> alert
> >> protocol version
>
> > Ah. Some googling shows that does seem to indicate an old version of
> > OpenSSL.
> > The old config rejected sslv2 and sslv3, but allowed tlsv1.
> > The new one refuses both tlsv1 and tlsv1.1, allowing only tlsv1.2.
> > As a check if this might be it, I have at least temporarily removed that
> > restriction. Can you try again now?
>
> Same results, both via curl and via perl.
>
Ha. I changed the client config instead of the server :/ Sorry about that,
once more?
--
Magnus Hagander
Me: https://www.hagander.net/ <http://www.hagander.net/>
Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-07-17 18:18:59 | Re: buildfarm server suddenly not talking to old SSL stacks? |
| Previous Message | Tom Lane | 2018-07-17 17:51:32 | Re: buildfarm server suddenly not talking to old SSL stacks? |