They will negotiate a TLS version between 1.0 and 1.3 transparently and use the latest one that both sides support. So in general this is quite tricky to track.īy default, PostgreSQL server and client leave the negotiation of the TLS version up to the SSL library. Many vendors ship patched OpenSSL versions, and there are a number of OpenSSL-compatible libraries (such as LibreSSL) that may have other capabilities. All releases under the “OpenSSL” label (as opposed to the predecessor “SSLeay”) support at least TLS 1.0. Which TLS versions PostgreSQL supports also depends on what the OpenSSL library in use supports. If you need yet another reason to get rid of your old PostgreSQL versions, there is one.) There were also a number of interoperability issues to contend with while introducing the various new TLS versions. (If you check the trail of commit messages carefully, there was some confusion in the intermediate versions where apparently the client side (libpq) would insist on using TLS 1.0 exactly but the server would accept any version, including SSL 3.0 and newer TLS versions. Support for SSL 3.0 was removed in PostgreSQL 9.4, released in 2014 ( commit). In PostgreSQL 7.4, released in 2003, support for SSL 2.0 was removed from the source code ( commit). (Curiously, this was not mentioned in the release notes at all at the time.) It supported SSL 2.0 and up. SSL support in PostgreSQL first appeared in version 7.0, released in 2000 ( commit). Right now, the following versions of the SSL/TLS protocol exist: In this article, I will use both terms and use version numbers were more precision is required.) (For historical reasons, in PostgreSQL, all settings related to SSL and TLS are named ssl_something, even though TLS is the currently correct term. PostgreSQL 12 contains two new server settings::Īs the names indicate, these are used to control the oldest (minimum) and newest (maximum) version of the SSL and TLS protocol family that the server will accept. PostgreSQL 9 Cookbook – Chinese Edition.PostgreSQL Server Programming Cookbook – 2nd Edition. PostgreSQL 9 Administration Cookbook – 3rd Edition.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |