Replies: 1 comment
-
Update: Postgres from version 15 looks for client certificate under $HOME/.postgresql/ if no sslcert option is included in the connection. My connection string did not have sslcert and the handshake kept failing. Closing this discussion. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
About my setup:
I am running pg 16.2 with pgbouncer 1.22.0 in a kubernetes pod. Pgbouncer is exposed as a service. The pgbouncer logs are redirected to stdout (kubectl logs). Pgbouncer is set to accept ssl connections only, with client_tls_sslmode set to require. I have verified my certificates are correctly mounted and accessible to the pod. The liveness check for the pod runs pg_isready on the port which pgbouncer is configured with.
Additionally I am able to access the the running instance from remote application, connect to the database and access my tables.
Issue:
However, my kubectl logs gets clogged with the following error message:
On increasing the verbosity, I see the following:
Ask:
I am unable to debug why the TLS handshake fails. I have tried running openssl connect from my remote application to connect to pgbouncer see no issues.
Please help me with some pointers on where I should focus my attention to debug this.
Thanks.
Beta Was this translation helpful? Give feedback.
All reactions