| From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
|---|---|
| To: | Marco Ippolito <ippolito(dot)marco(at)gmail(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: could not accept SSL connection: sslv3 alert bad certificate |
| Date: | 2019-09-26 00:07:53 |
| Message-ID: | 4d93b9ed-c087-19e9-a834-512fb2689783@aklaver.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 9/25/19 12:34 PM, Marco Ippolito wrote:
> Following the indications here:
> https://hyperledger-fabric-ca.readthedocs.io/en/release-1.4/users-guide.html#configuring-the-database
> I'm trying to understand how to correctly set Fabric-CA with a
> PostgreSQL-11 database in Ubuntu 18.04.02 Server Edition.
>
> This is the corresponding part in
> /var/log/postgresql/postgresql-11-fabmnet.log :
>
> 2019-09-25 20:51:52.655 CEST [1096] LOG: listening on IPv6 address
> "::1",
> port 5433
> 2019-09-25 20:51:52.673 CEST [1096] LOG: listening on IPv4 address
> "127.0.0.1", port 5433
> 2019-09-25 20:51:52.701 CEST [1096] LOG: listening on Unix socket
> "/var/run/postgresql/.s.PGSQL.5433"
> 2019-09-25 20:51:52.912 CEST [1171] LOG: database system was
> interrupted;
> last known up at 2019-09-25 09:50:30 CEST
> 2019-09-25 20:51:53.001 CEST [1171] LOG: database system was not
> properly
> shut down; automatic recovery in progress
> 2019-09-25 20:51:53.011 CEST [1171] LOG: redo starts at 0/1668238
> 2019-09-25 20:51:53.011 CEST [1171] LOG: invalid record length at
> 0/1668318: wanted 24, got 0
> 2019-09-25 20:51:53.011 CEST [1171] LOG: redo done at 0/16682E0
> 2019-09-25 20:51:53.043 CEST [1096] LOG: database system is ready to
> accept connections
> 2019-09-25 20:51:53.569 CEST [1206] [unknown](at)[unknown] LOG:
> incomplete
> startup packet
> 2019-09-25 20:56:57.540 CEST [4620] [unknown](at)[unknown] LOG: could
> not
> accept SSL connection: sslv3 alert bad certificate
> 2019-09-25 20:56:57.543 CEST [4622] [unknown](at)[unknown] LOG: could not
> accept SSL connection: sslv3 alert bad certificate
> 2019-09-25 20:56:57.544 CEST [4623] [unknown](at)[unknown] LOG: could
> not
> accept SSL connection: sslv3 alert bad certificate
>
Aargh, I missed the part above.
What happens if you remove the sslmode=verify-full from the *.yaml file?
>
> And this is the db's configuration in (base) marco(at)pc:~$ nano
> ./fabric/fabric-ca/fabric-ca-
> server-config.yaml :
>
> db:
> type: postgres
> datasource: host=localhost port=5433 user=fabmnet_admin
> password=pwd dbname=fabmnetdb
> sslmode=verify-full
>
>
> How to correctly set up SSL connection to PostgresSQL-11 db?
>
> Looking forward to your kind help
> Marco
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Matthias Apitz | 2019-09-26 05:12:46 | Re: updating sequence value for column 'serial' |
| Previous Message | Adrian Klaver | 2019-09-25 23:56:50 | Re: could not accept SSL connection: sslv3 alert bad certificate |