Обсуждение: sha256 certificate "unknown message digest algorithm"
Hi,
I am using PostgreSQL 9.4.6 and openssl 1.0.2f. If my server or client certificate use SHA256, I get the following error on the client:
psql: SSL error: tlsv1 alert decrypt error
And the following log message on the server:
LOG: could not accept SSL connection: unknown message digest algorithm
I could use -sha1 to generate my certificates but -sha256 should work, right?
Thanks,
Frazer
On 02/23/2016 05:18 AM, Frazer McLean wrote: > Hi, > I am using PostgreSQL 9.4.6 and openssl 1.0.2f. If my server or client > certificate use SHA256, I get the following error on the client: > psql: SSL error: tlsv1 alert decrypt error > And the following log message on the server: > LOG: could not accept SSL connection: unknown message digest algorithm > I could use -sha1 to generate my certificates but -sha256 should work, Some searching indicates this is usually an OpenSSL version issue. So the OpenSSL version you mention above is where, the client or the server or both? Where did you install Postgres from and what version of OpenSSL was it compiled against? > right? > Thanks, > Frazer -- Adrian Klaver adrian.klaver@aklaver.com
On Tue, 23 Feb 2016, at 17:20, Adrian Klaver wrote: > Where did you install Postgres from and what version of OpenSSL was it > compiled against? I now realise that I wasn't compiling PostgreSQL against my self-compiled openssl. After adding --with-includes and --with-libraries to configure I have it working. Thanks