Pgbouncer error with two TLS connects #1011
Unanswered
Vitalik-85
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
During the operation of pgbouncer, the following error occurs in TLS mode:
The first connector to the database through the pgbouncer is successful, and the subsequent same accounts end with an error (as long as there is an active connection of this user).
When working directly with the database bypassing pgbouncer, everything works correctly.
Pgbouncer.ini:
[databases]
[pgbouncer]
..................
client_tls_sslmode = prefer
client_tls_ca_file = /home/ssl/root.crt
client_tls_cert_file = /home/ssl/cert.crt
client_tls_key_file = /home/ssl/key.key
Log pgbouncer:
2024-01-24 08:19:55.361 AUDIT myDB/my_user@192.168.14.54:54774 connection received
2024-01-24 08:19:55.361 [314536] WARNING C-0x250bbd0 (75): (nodb)/my_user@192.168.14.54:54774 authentication context expired. user: db=myDB user=my_user
2024-01-24 08:19:55.361 AUDIT myDB/my_user@192.168.14.54:54774 login attempt tls=TLSv1.2/ECDHE-RSA-AES128-GCM-SHA256/ECDH=prime256v1
2024-01-24 08:19:55.361 AUDIT myDB/my_user@192.168.14.54:54774 send auth startup packet
2024-01-24 08:19:55.394 AUDIT myDB/my_user@192.168.14.54:54774 auth server login ok
2024-01-24 08:19:55.394 AUDIT myDB/my_user@192.168.14.62:5433 new connection to server (from 192.168.14.62:49450)
2024-01-24 08:19:55.401 AUDIT myDB/my_user@192.168.14.62:5433 server login ok, start accepting queries
2024-01-24 08:19:55.483 AUDIT myDB/my_user@192.168.14.54:54776 connection received
2024-01-24 08:19:55.483 AUDIT myDB/my_user@192.168.14.54:54776 login attempt tls=TLSv1.2/ECDHE-RSA-AES128-GCM-SHA256/ECDH=prime256v1
2024-01-24 08:19:55.483 [314536] ERROR C-0x250be50 (76): myDB/my_user@192.168.14.54:54776 TLS certificate name mismatch
2024-01-24 08:19:55.483 AUDIT myDB/my_user@192.168.14.54:54776 closing because: certificate authentication failed (age=0s)
2024-01-24 08:19:55.483 [314536] WARNING C-0x250be50 (76): myDB/my_user@192.168.14.54:54776 pooler error: certificate authentication failed
Beta Was this translation helpful? Give feedback.
All reactions