Problem trying to use OpenSSL

From: Adrian Urquhart <adrian(at)devnet-uk(dot)net>
To: pgsql-general(at)postgresql(dot)org
Subject: Problem trying to use OpenSSL
Date: 2002-09-09 00:31:19
Message-ID: 3d7bebd7$1@news.devnet-uk.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Hello

I have Postgres 7.2.2 running on a number of machines, working fine. It
was then decided that we should use OpenSSL so that we could do backups
direct from one machine to another via the Internet. So, I got hold of the
latest OpenSSL (0.9.6g) and compiled it on two machines, then compiled
Postgres 7.2.2 using the --with-openssl switch. OpenSSL is installed in
the default /usr/local/ssl directory. I created self-signed certificates
as outlined in the Postgres docs, and fired up the servers with the -l
switch to postmaster.

But, using OpenSSL in interactive mode to connect to a server, the
Postgres server gives an error message:

FATAL 1: invalid length of startup packet

and the client says

SSL23_GET_SERVER_HELLO:unknown protocol

but I can connect fine to an SSL IMAP server using the same OpenSSL client.

If I set up a pg_hba.conf entry for a client using hostssl, trying to run
psql on the client results in a message saying that there is no entry in
pg_hba.conf for that host.

The only common thing is that both machines are Cobalts - one is a
standard Qube2 with the original Linux system, the second is a NaSRAQ
which has had NetBSD 1.5.3 installed. As mentioned above, Postgres works fine
on both machines in plain text mode (the only other thing to mention is
that these machines are currently using semaphores instead of TAS).

Any insights greatly appreciated.

-Adrian

Browse pgsql-general by date

  From Date Subject
Next Message Bruno Wolff III 2002-09-09 01:02:06 Re: Creating tons of tables to support a query
Previous Message Nathan Hopper 2002-09-09 00:08:33 Using the right tool