堆栈内存溢出
  简体   繁体   English

Azure PostgreSQL 服务器上的 TLSv1.2

[英]TLSv1.2 on Azure PostgreSQL Server

 原文  2019-05-13 13:14:30       postgresql/ azure/ ssl/ tls1.2

问题描述

I am trying to ensure that the PostgreSQL client's connection to Azure PostgreSQL server (version 10.7) is using TLSv1.2.我正在尝试确保 PostgreSQL 客户端与 Azure PostgreSQL 服务器(版本 10.7)的连接使用 TLSv1.2。 When I execute psql command, the connection header shows me protocol TLSv1.2 :当我执行psql命令时,连接头显示了协议TLSv1.2

[user ~]# psql -h psql_server.postgres.database.azure.com -p 5432 -U psql_admin_accnt@psql_server -W postgres
Password:
psql (10.7)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.

Yet, when I query pg_stat_ssl table, I get information, that the current connection is using TLSv1.1 and cipher information isn't the same either.然而,当我查询pg_stat_ssl表时,我得到信息,即当前连接使用的是TLSv1.1并且cipher信息也不相同。

postgres=> SELECT * FROM pg_stat_ssl;
  pid   | ssl | version |        cipher        | bits | compression | clientdn
--------+-----+---------+----------------------+------+-------------+----------
 168648 | t   | TLSv1.1 | ECDHE-RSA-AES256-SHA |  256 | f           |
(1 row)

Which information is the correct one and I should rely on?哪些信息是正确的,我应该依赖哪些信息? Does my psql connection really uses TLSv1.2 or it is TLSv1.1 as seen from PostgreSQL system tables.我的psql连接真的使用TLSv1.2还是从 PostgreSQL 系统表中看到的TLSv1.1

1 个解决方案

解决方案1
 2 已采纳  2020-02-14 08:13:12

Seems the issue was fixed by Microsoft itself似乎这个问题是由微软自己解决的

[user@host ~]$ /usr/pgsql-10/bin/psql "host=psql_server.postgres.database.azure.com port=5432 dbname=dbname user=psql_admin_accnt@psql_server sslmode=require sslrootcert=/path/to/BaltimoreCyberTrustRoot.cer"
Password:
psql (10.11)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.

dbname=> SELECT * FROM pg_stat_ssl WHERE pid = pg_backend_pid();
  pid   | ssl | version |           cipher            | bits | compression | clientdn
--------+-----+---------+-----------------------------+------+-------------+----------
 812820 | t   | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 |  256 | f           |
(1 row)

dbname=> SELECT VERSION();
                           version
-------------------------------------------------------------
PostgreSQL 10.11, compiled by Visual C++ build 1800, 64-bit
(1 row)

Now, the TLS version is correctly returned.现在,正确返回了 TLS 版本。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Email function 用于 azure postgresql 服务器 - Email function for azure postgresql server Azure Powershell - 重命名 PostgreSQL 服务器实例的数据库 - Azure Powershell - rename Database for PostgreSQL Server instance 本地 SQL 服务器到 Azure PostgreSQL 复制 - On-premise SQL Server to Azure PostgreSQL replication 如何在 Azure PostgreSQL 服务器上恢复 .dump 或 .sql - How to restore .dump or .sql on Azure PostgreSQL Server Azure PostgreSQL 服务器服务排序规则创建错误 - Azure PostgreSQL Server Service Collation Create Error 使用 Bicep 更改 Azure PostgreSQL 灵活的服务器配置 - Changing Azure PostgreSQL flexible server configuration with Bicep Azure PostgreSQL 灵活服务器的数据库 Django 慢 - Azure Database for PostgreSQL flexible server Slow with Django Azure PostgreSQL 服务器销毁前备份的数据库 - Azure Database for PostgreSQL server backup before destroy 如何将本地 PostgreSQL 数据库备份恢复到 Azure PostgreSQL 服务器? - How to restore local PostgreSQL database backup to Azure PostgreSQL server? 是否有将数据从 SQL Server Azure 复制到 PostgreSQL Azure 的简单解决方案? - Is there a simple solution to replicate data from SQL Server Azure to PostgreSQL Azure?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM