Re: TLS session tickets disabled?
Cameron Vogt <cvogt@automaticcontrols.net>
From: Cameron Vogt <cvogt@automaticcontrols.net>
To: Tom Lane <tgl@sss.pgh.pa.us>, "pgsql-bugs@lists.postgresql.org" <pgsql-bugs@lists.postgresql.org>
Date: 2024-08-14T21:59:53Z
Lists: pgsql-bugs
Update: I found an old NpgSQL thread at https://github.com/npgsql/npgsql/issues/576 that discusses this issue in more detail. This thread suggests adding "UseSslStream=false" to the connection string. I tested this, and now NpgSQL 4.0.10 works with PostgreSQL 16.4. Unfortunately, I cannot control the connection string Power BI uses to connect to my PostgreSQL database, but I suppose recompiling NpgSQL 4.0.10 with that option disabled by default would work. I've read in a couple places that this issue only occurs when ssl_ca_file is set, and I can confirm that my PostgreSQL server has this. So configuring ssl_ca_file may be important for anyone wishing to reproduce the issue. I don't know enough about TLS handshakes and session tickets to know where the bug truly lies (PostgreSQL/OpenSSL vs .NET's SslStream). Cameron Vogt | Software Developer Direct: 314-756-2302 | Cell: 636-388-2050 1585 Fencorp Drive | Fenton, MO 63026 Automatic Controls Equipment Systems, Inc.
Commits
-
Fix regression in TLS session ticket disabling
- f925b7f65d49 13.17 landed
- cd98a142cb37 12.21 landed
- 9333174af475 16.5 landed
- 8cea8c023edf 14.14 landed
- 4fdb6558c270 18.0 landed
- 23c200940eae 15.9 landed
- 19021d28cdf0 17.0 landed