Error in PostgreSQL log

This is a multi-part message in MIME format.

------_=_NextPart_001_01CAE712.90F6949C
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

PostgreSQL: 8.4.3

I found the following in my error log:



LOG: SSL error: unsafe legacy renegotiation disabled



Anyone have a clue what this means?



Thanks,



Lance Campbell

Software Architect/DBA/Project Manager

Web Services at Public Affairs

217-333-0382




------_=_NextPart_001_01CAE712.90F6949C
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
[at] font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
[at] font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
..MsoChpDefault
{mso-style-type:export-only;}
[at] page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>

<body lang=3DEN-US link=3Dblue vlink=3Dpurple>

<div class=3DSection1>

<p class=3DMsoNormal>PostgreSQL: 8.4.3<o:p></o:p></p>

<p class=3DMsoNormal>I found the following in my error =
log:<o:p></o:p></p>

<p class=3DMsoNormal><o:p> </o:p></p>

<p class=3DMsoNormal>LOG:  SSL error: unsafe legacy renegotiation =
disabled<o:p></o:p></p>

<p class=3DMsoNormal><o:p> </o:p></p>

<p class=3DMsoNormal>Anyone have a clue what this means?<o:p></o:p></p>

<p class=3DMsoNormal><o:p> </o:p></p>

<p class=3DMsoNormal>Thanks,<o:p></o:p></p>

<p class=3DMsoNormal><o:p> </o:p></p>

<p class=3DMsoNormal>Lance Campbell<o:p></o:p></p>

<p class=3DMsoNormal>Software Architect/DBA/Project =
Manager<o:p></o:p></p>

<p class=3DMsoNormal>Web Services at Public Affairs<o:p></o:p></p>

<p class=3DMsoNormal>217-333-0382<o:p></o:p></p>

<p class=3DMsoNormal><o:p> </o:p></p>

</div>

</body>

</html>

------_=_NextPart_001_01CAE712.90F6949C--
Lance [ Mi, 28 April 2010 22:37 ] [ ID #2040389 ]

Re: Error in PostgreSQL log

"Campbell, Lance" <lance [at] illinois.edu> writes:
> PostgreSQL: 8.4.3
> I found the following in my error log:
> LOG: SSL error: unsafe legacy renegotiation disabled
> Anyone have a clue what this means?

It means your SSL library is maintained by someone with a clue ;-).
It's dealing with CVE-2009-3555 without simply breaking things.
However, you might want to update the SSL library at the other end,
or if you can't do that you might want to set ssl_renegotiation_limit = 0
to suppress the warning messages.

regards, tom lane

--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Tom Lane [ Mi, 28 April 2010 22:47 ] [ ID #2040390 ]

Re: Error in PostgreSQL log

Tom,
Thanks. Do I add the following to the postgresql.conf file?

ssl_renegotiation_limit =3D 0

Thanks,

Lance Campbell
Software Architect/DBA/Project Manager
Web Services at Public Affairs
217-333-0382

-----Original Message-----
From: Tom Lane [mailto:tgl [at] sss.pgh.pa.us]
Sent: Wednesday, April 28, 2010 3:47 PM
To: Campbell, Lance
Cc: pgsql-admin [at] postgresql.org
Subject: Re: [ADMIN] Error in PostgreSQL log

"Campbell, Lance" <lance [at] illinois.edu> writes:
> PostgreSQL: 8.4.3
> I found the following in my error log:
> LOG: SSL error: unsafe legacy renegotiation disabled
> Anyone have a clue what this means?

It means your SSL library is maintained by someone with a clue ;-).
It's dealing with CVE-2009-3555 without simply breaking things.
However, you might want to update the SSL library at the other end,
or if you can't do that you might want to set ssl_renegotiation_limit =3D
0
to suppress the warning messages.

regards, tom lane

--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Lance [ Do, 29 April 2010 15:57 ] [ ID #2040441 ]

Re: Error in PostgreSQL log

"Campbell, Lance" <lance [at] illinois.edu> writes:
> Thanks. Do I add the following to the postgresql.conf file?
> ssl_renegotiation_limit = 0

Right. The variable won't be listed in your existing file, likely,
because that option is new as of last month's updates.

regards, tom lane

--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Tom Lane [ Do, 29 April 2010 16:06 ] [ ID #2040442 ]
Datenbanken » gmane.comp.db.postgresql.admin » Error in PostgreSQL log

Vorheriges Thema: Can I safely kill a VACUUM ANALYZE with pg_cancel_backend 8.3
Nächstes Thema: pg_dump: Error message from server: ERROR: compressed data is corrupt

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum