Re: BUG #1321: SSL error: sslv3 alert handshake failure

From: "T(dot)J(dot)" <tjtoocool(at)phreaker(dot)net>
To: pgsql-bugs(at)postgresql(dot)org
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Magnus Hagander <mha(at)sollentuna(dot)net>, Michael Fuhr <mike(at)fuhr(dot)org>
Subject: Re: BUG #1321: SSL error: sslv3 alert handshake failure
Date: 2004-11-16 22:48:52
Message-ID: 419A83D4.6030203@phreaker.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

To clarify, what I have experienced was in all versions of 8.0.0.beta,
it did not just happen between 3 to 4. It was the change from 7.4 to
8.0. The error was not just windows based as I built psql on a seperate
linux machine communicating with a linux server and got the same
results. I created a client.crt client.key and placed them into the data
directory, no change. I read the below post again and renamed the files
to postgresql.crt and postgresql.key. No change. Read the below post
very carefully AGAIN and then copied those files up one directory into
the main pgsql dir. No change. Did I miss something?

Michael Fuhr wrote:

>On Tue, Nov 16, 2004 at 03:33:49PM -0500, Tom Lane wrote:
>
>
>>Michael Fuhr <mike(at)fuhr(dot)org> writes:
>>
>>
>>>Sounds like a problem due to the backend in recent betas demanding
>>>a client certificate if $PGDATA/root.crt exists, but the client
>>>certificate doesn't exist in ~/.postgresql/postgresql.{crt,key}.
>>>
>>>
>>If that is the problem, it's still broken because the error message
>>is so unhelpful. (I'm quite certain I tested that case last time
>>I touched the SSL code, and it said something reasonable then.)
>>
>>
>
>I get the following error if I use an 8.0.0beta4 client to connect
>to an 8.0.0beta4 server that has a root.crt, but the client certificate
>doesn't exist in ~/.postgresql:
>
>psql: SSL error: sslv3 alert handshake failure
>
>The server logs the following:
>
>LOG: could not accept SSL connection: 1
>
>If the certificate exists but I use a 7.4.6 client, then the client
>fails with the following:
>
>psql: unrecognized SSL error code
>
>The server logs this:
>
>LOG: could not accept SSL connection: 5
>
>
>

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Tom Lane 2004-11-16 22:56:22 Re: BUG #1321: SSL error: sslv3 alert handshake failure
Previous Message Tom Lane 2004-11-16 22:41:28 Re: libplperl.so and libperl.so