On Tue, Nov 16, 2004 at 03:33:49PM -0500, Tom Lane wrote:
> Michael Fuhr <mike@fuhr.org> writes:
> > Sounds like a problem due to the backend in recent betas demanding
> > a client certificate if $PGDATA/root.crt exists, but the client
> > certificate doesn't exist in ~/.postgresql/postgresql.{crt,key}.
>
> If that is the problem, it's still broken because the error message
> is so unhelpful. (I'm quite certain I tested that case last time
> I touched the SSL code, and it said something reasonable then.)
I get the following error if I use an 8.0.0beta4 client to connect
to an 8.0.0beta4 server that has a root.crt, but the client certificate
doesn't exist in ~/.postgresql:
psql: SSL error: sslv3 alert handshake failure
The server logs the following:
LOG: could not accept SSL connection: 1
If the certificate exists but I use a 7.4.6 client, then the client
fails with the following:
psql: unrecognized SSL error code
The server logs this:
LOG: could not accept SSL connection: 5
--
Michael Fuhr
http://www.fuhr.org/~mfuhr/