| From: | "Campbell, Lance" <lance(at)illinois(dot)edu> |
|---|---|
| To: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: Error in PostgreSQL log |
| Date: | 2010-04-29 13:57:51 |
| Message-ID: | B10E6810AC2A2F4EA7550D072CDE876004B2E35C@SAB-FENWICK.sab.uiuc.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Tom,
Thanks. Do I add the following to the postgresql.conf file?
ssl_renegotiation_limit = 0
Thanks,
Lance Campbell
Software Architect/DBA/Project Manager
Web Services at Public Affairs
217-333-0382
-----Original Message-----
From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us]
Sent: Wednesday, April 28, 2010 3:47 PM
To: Campbell, Lance
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: [ADMIN] Error in PostgreSQL log
"Campbell, Lance" <lance(at)illinois(dot)edu> writes:
> PostgreSQL: 8.4.3
> I found the following in my error log:
> LOG: SSL error: unsafe legacy renegotiation disabled
> Anyone have a clue what this means?
It means your SSL library is maintained by someone with a clue ;-).
It's dealing with CVE-2009-3555 without simply breaking things.
However, you might want to update the SSL library at the other end,
or if you can't do that you might want to set ssl_renegotiation_limit =
0
to suppress the warning messages.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2010-04-29 14:06:31 | Re: Error in PostgreSQL log |
| Previous Message | Greg Smith | 2010-04-29 05:30:54 | Re: more 10K disks or less 15K disks |