| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, PostgreSQL WWW <pgsql-www(at)lists(dot)postgresql(dot)org>, Andrew Dunstan <andrew(at)dunslane(dot)net> |
| Subject: | Re: buildfarm server suddenly not talking to old SSL stacks? |
| Date: | 2018-07-17 08:44:11 |
| Message-ID: | CABUevEzfX9xhFwiwC_b_oCibMh5kXwEh_OkoKpTVV_P+BTTaqA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
On Tue, Jul 17, 2018 at 7:28 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> writes:
> > On 2018-Jul-16, Tom Lane wrote:
> >> My buildfarm animals dromedary and prairiedog have been failing since
> >> around 9AM EDT on Sunday. ... Have we done something recently to create
> an
> >> incompatibility with old SSL stacks?
>
> > Yeah, there were a few updates that day at 11am UTC; particularly the
> > ca-certificates package was updated (to version 20161130+nmu1+deb9u1).
>
> Ah, that sounds plausibly related. Guess I need a certificate update
> on those machines. Thanks!
>
We also changed some of the server setup so there is now a haproxy that's
doing the SSL termination. So there is probably a slightly different
configuration of available SSL algorithms and such as well. It might be
either one of those two, both changes happened not too far apart on that
day.
--
Magnus Hagander
Me: https://www.hagander.net/ <http://www.hagander.net/>
Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2018-07-17 13:20:31 | Re: buildfarm server suddenly not talking to old SSL stacks? |
| Previous Message | Tom Lane | 2018-07-17 05:28:57 | Re: buildfarm server suddenly not talking to old SSL stacks? |