Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fails against pgbouncer #7

Open
adunstan opened this issue Sep 16, 2018 · 1 comment
Open

Fails against pgbouncer #7

adunstan opened this issue Sep 16, 2018 · 1 comment

Comments

@adunstan
Copy link

In this example I have pgbouncer running on port 6932. I can connect using psql on SSL mode, but this script fails:

andrew@ad-c7:test $ psql "sslmode=verify-full host=localhost port=6932 dbname=workdb sslcert=myCA/curly.crt sslkey=myCA/curly.key sslrootcert=myCA/root.crt user=curly"
psql (11beta3 (2ndQPG 11.0r1.2))
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES128-GCM-SHA256, bits: 128, compression: off)
Type "help" for help.

workdb=> \q
andrew@ad-c7:test $ python postgres_get_server_cert.py localhost:6932 
Something failed while fetching certificate: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:579)
andrew@ad-c7:test $
@thusoy
Copy link
Owner

thusoy commented Sep 17, 2018

Thanks for the heads up. I'm not spending any time on maintaining this script right now, but I'll accept a PR if you figure out why it doesn't work. I'd start by trying to figure out what's going on at the TLS level, what cipher suites and protocols are allowed by the server and what does the client try to connect with.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@adunstan @thusoy