Re: unknown postgres ssl error "could not accept SSL connection: Success" and timeout

On Wed, May 3, 2023 at 9:54 AM Sergey Cherevko <scherevko(at)scorewarrior(dot)com>
wrote:

> Ubuntu 18.04.6 LTS (GNU/Linux 4.15.0-167-generic x86_64)
>
> OpenSSL 1.1.1 11 Sep 2018
>
> Sometimes i see this in postgres logs
>
So, your system is working normally most of the time? Or is it working
normally all of the time, and you just get occasional extra log messages of
unknown origin?

It could be informative to add %r to the log_line_prefix, so you would know
where these connections are coming from.

> CRITICAL
> PDOException
> SQLSTATE[08006] [7] timeout expired
> PDOException
> /var/log/web/hub2.log
>
>
I don't recognize the above (client?) log format. What is it from? Does
it correspond exactly to the entries in the PostgreSQL log? The time
stamps seem off, the wording doesn't suggest to me that they are just
different ends of the same error, and the count of errors in one log
doesn't agree with the count in the other (6 vs 3).

> I should to update my openssl to see real error? How can i do that if i use ubuntu 18.04?
>
> I wouldn't expect that to help. But how did you install it in the first
place? Ubuntu 18.04 generally provides PostgreSQL 10, not 12, so you must
have done something non-default to get where you are.

In my experience, this (poorly worded) error comes from the client
initiating an ssl connection, but then not finishing the ssl negotiations.
For example, PGSSLMODE is set to verify-ca or above, but the client has no
root.crt file present.

Cheers,

Jeff