On 8/26/19 10:10 AM, ROS Didier wrote:
> Hi
>
> I would like to check that postgresql is compatible with TLS 1.2.
> what test could I do to check this compatibility?
Hi,
I just now pointed this command at our PG 9.5 server at $work:
openssl s_client -connect dbhost:5432 -starttls postgres
and got the following response (excerpted for the relevant parts):
SSL handshake has read 5465 bytes and written 737 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Then I tried this version:
openssl s_client -connect dbhost:5432 -starttls postgres -tls1_2
and got this result:
SSL handshake has read 5258 bytes and written 343 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Regards,
-Chap