SSL error: decryption failed or bad mac
| От | Ertan Küçükoğlu |
|---|---|
| Тема | SSL error: decryption failed or bad mac |
| Дата | |
| Msg-id | 000001d3d01a$645d4e80$2d17eb80$@1nar.com.tr обсуждение исходный текст |
| Список | pgsql-admin |
Hello, Using PostgreSQL 9.6.7 on x86_64-pc-linux-gnu. OS is a Debian 4.9.82-1+deb9u3 (2018-03-02), libpq5 (9.6.7), openssl stable 1.1.0f. System is a virtual server (VPS) in the cloud. Below is my pg_hba.conf file: local all postgres peer # TYPE DATABASE USER ADDRESS METHOD # "local" is for Unix domain socket connections only local all all peer # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5 # Allow replication connections from localhost, by a user with the # replication privilege. #local replication postgres peer #host replication postgres 127.0.0.1/32 md5 #host replication postgres ::1/128 md5 hostssl all all 0.0.0.0/0 md5 clientcert=1 Recently one of my users told me that they are receiving some error from system. I have my own daemon application running on that server. Accepting http requests. Parsing them doing some select on one database and inserting into another database. Select is a single row, insert is a single row for the problem below. Below error message is for the database that I insert records into. I have following log lines about mentioned error: 2018-04-09 09:17:01.971 +03 [608] mutabakat@mutabakat LOG: SSL error: decryption failed or bad record mac 2018-04-09 09:17:01.971 +03 [608] mutabakat@mutabakat LOG: could not receive data from client: Bağlantı karşıdan kesildi 2018-04-09 09:17:01.971 +03 [608] mutabakat@mutabakat LOG: disconnection: session time: 237:25:58.027 user=mutabakat database=mutabakat host=::1 port=34670 My application is running on the same computer as PostgreSQL database server. It is using a single connection to the database over pqsql driver, each http request is handled in a new thread using that single connection. Application is online for about 2-3 months. So far, I did not have any problems. Until I have above call and log lines. I normally do not need any ssl connection to server. However, it is libpq5 which choose to do that. I think it is possible to make a no-ssl connection with above pg_hba.conf (not completely sure though). - I do not know what that error actually mean. I would like to learn details of it as well as possible solution suggestion(s), please. - I also would like to have help to convert my connection to a plain connection as there is no need for SSL connection for an application running on the same machine. Any help is appreciated. Thanks & regards, Ertan Küçükoğlu
В списке pgsql-admin по дате отправления: