postgresql - received unencrypted data after SSL request while ssl is off - Stack Overflow

admin管理员组

文章数量:1201604

Our upstream Go client connect to PostgreSQL through pgbouncer, the PostgreSQL server has not enabled SSL. There are no SSL settings set in pgbouncer, and according to the documentation, the default value for server_tls_stslmode is prefer. Similarly, when using pgxx for connection in Go client, no SSL settings are set, and as far as I know, the default value is also 'prefer'. But we still encountered the error message 'received unencrypted data after SSL request', which is strange cause PostgreSQL's ssl is off, and the message looks like PostgreSQL has accepted SSL links.

The error message will only last for a short period of time, but the client side observes that the connection is unavailable for a relatively long time. I guess it is because pgbouncer's server_login_retry default value is 15 seconds. And from the perspective of PostgreSQL, all pgbouncer links have been disconnected. Additional information is provided below:

output of postgres -V: postgres (PostgreSQL) 15.6 (Ubuntu 15.6-1.pgdg20.04+1)

postgres server side error info: FATAL,08P01,"received unencrypted data after SSL request","This could be either a client-software bug or evidence of an attempted man-in-the-middle attack."

output of pgbouncer -v:

PgBouncer 1.23.1
libevent 2.1.12-stable
adns: evdns2
tls: OpenSSL 1.1.1n  15 Mar 2022

PgBouncer side error info: pooler error: server login has been failing, try again later (server_login_retry)

client info: github/jackc/pgx/v5/pgxpool

client side error info: FATAL: server login has been failing, try again later server_login_retry) (SQLSTATE 08P01)

Can it be reproduced: I haven't found a way to reproduce it yet.

Does anyone have any ideas to solve this problem? Any suggestions would be greatly appreciated.

本文标签： postgresqlreceived unencrypted data after SSL request while ssl is offStack Overflow