| From: | Joan Frey <joan(dot)frey68(at)gmail(dot)com> |
|---|---|
| To: | Matthias Apitz <guru(at)unixarea(dot)de> |
| Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: PostgreSQL server with SSL |
| Date: | 2026-06-24 12:09:48 |
| Message-ID: | CANf+CVCAN9k-y1+jg3dG4e_nJOPCctGP9BnZJ=qWr_-Egi-XAw@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
👍
Joan Frey a réagi depuis Gmail
<https://www.google.com/gmail/about/?utm_source=gmail-in-product&utm_medium=et&utm_campaign=emojireactionemail#app>
Le mer. 24 juin 2026 à 12:48, Matthias Apitz <guru(at)unixarea(dot)de> a écrit :
> El día martes, junio 23, 2026 a las 02:25:00 +0200, Joan Frey escribió:
>
> > I could only find this error message related to an error with the openssl
> > version.
> > This issue was apparently patched with pg15.6 (
> > https://www.postgresql.org/docs/release/15.6/)
> >
> > I suggest that you update to the latest minor version and retry.
>
> Thanks for your helping hand, Joan.
>
> I've setup in a podman container a 18.3 PostgreSQL cluster and with this
> SSL works locally and via network. Details are below for documentation
> purpose.
>
> Thanks again!
>
> matthias
>
> SSL version:
>
> c169ecb37a76:# /usr/local/sisis-pap/bin/openssl -v
> OpenSSL 3.5.7 9 Jun 2026 (Library: OpenSSL 3.5.7 9 Jun 2026)
>
>
> /data/postgresql183/data/postgresql.conf
>
> ssl = on
> ssl_cert_file = '/home/postgres/ca/pg-server.crt'
> ssl_key_file = '/home/postgres/ca/pg-passless-server.key'
> ssl_ca_file = '/home/postgres/ca/demoCA/cacert.pem'
>
> /data/postgresql183/data/pg_hba.conf
>
> # IPv4 local connections:
> hostssl all all 127.0.0.1/32 password
> hostssl all all 10.0.2.100/32 password
>
>
> podman container 'localhost':
>
> c169ecb37a76:# export PGHOST=localhost
> c169ecb37a76:# export PGPORT=5432
> c169ecb37a76:# /usr/local/sisis-pap/pgsql-18.3/bin/psql -U sisis
> Password for user sisis:
> psql (18.3)
> SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384,
> compression: off, ALPN: postgresql)
> Type "help" for help.
>
> sisis=#
>
> via network from my MacBook:
>
> $ export PGHOST=srap57dxr1.dev.xxxx.org
> $ export PGPORT=61443
> $ psql -U sisis
> Password for user sisis:
> psql (14.15 (Homebrew), server 18.3)
> WARNING: psql major version 14, server major version 18.
> Some psql features might not work.
> SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits:
> 256, compression: off)
> Type "help" for help.
>
> sisis=#
>
> The port 61443 sounds unusual, but has todo with the network connectos
> exposed by the podman container.
>
> --
> Matthias Apitz, ✉ guru(at)unixarea(dot)de, http://www.unixarea.de/
> +49-176-38902045
> Public GnuPG key: http://www.unixarea.de/key.pub
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sivaprasad | 2026-06-25 01:46:07 | Pre-PG18 parallel scan estimation: accessing planned worker count from amestimateparallelscan() |
| Previous Message | Matthias Apitz | 2026-06-24 10:48:38 | Re: PostgreSQL server with SSL |