Re: PostgreSQL and OpenSSL 4.0.0

Daniel Gustafsson <daniel@yesql.se>

From: Daniel Gustafsson <daniel@yesql.se>
To: Cary Huang <cary.huang@highgo.ca>
Cc: Michael Paquier <michael@paquier.xyz>, PostgreSQL-development <pgsql-hackers@lists.postgresql.org>
Date: 2026-05-07T19:39:44Z
Lists: pgsql-hackers
> On 7 May 2026, at 21:32, Cary Huang <cary.huang@highgo.ca> wrote:

> I tried the patch and Postgres and sslinfo compiled with no warnings as
> expected.

Thanks for looking!

> However, in OpenSSL 4.0, I noticed that it reports certificate revocation
> errors differently from previous versions, causing the SSL tests to fail.
> The test expects "ssl alert certificate revoked", but OpenSSL 4.0 returns
> "tls alert certificate revoked" instead.

Which version of the patch did you try?  I thought I had fixed that in the
patchset I posted earlier today but perhaps I missed some parts.

--
Daniel Gustafsson