New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't start postgresql 16 over tls #12702
Comments
I bet that's because of the 0.8.25 to 1.2.0 upgrade of |
I have the same problem but with postgres 15 |
Yes, in |
Just link some context here: local ssl = require("resty.openssl.ssl").from_socket(self.sock) -- it seams this line returns `nil`
local server_cert = ssl:get_peer_certificate() @michael-todorovic, could you modify that line (in most probably local ssl = require("resty.openssl.ssl").from_socket(self.sock) -- it seams this line returns `nil` to: local ssl, err = require("resty.openssl.ssl").from_socket(self.sock) -- it seams this line returns `nil`
if err then
error(err)
end And report back? |
Also @fffonion could you take a look at it. Is the auxilary module compiled with CE? Is it a requirement now? Is there difference in EE shipped |
Any updates on this? I got the same, working on 3.5 and stopped with 3.6 and 3.6.1. Leaving my trace just in case :)
On 3.5:
On 3.6.1:
|
We are working on fix right now : ) Thanks for you patience. |
Alerady some updates on this topic? |
Is there an existing issue for this?
Kong version (
$ kong version
)3.6.1
Current Behavior
I'm currently migrating from pg 13 to 16. Kong 3.6.1 (docker image) worked well on pg13 but when I try to start or just run a
kong migrations list
on pg16 (bypassing pgbouncer to reduce potential issues), I get:I'm using postgres 16.2-1.pgdg120+2 on Debian 12. The TLS config itself is ok:
I checked, just in case, the docker image supports those TLS versions+ciphers.
I tried:
On each try, this was the same pg16 cluster of course 😄
I tried to open pgmoon lua code but can't really understand what can be an issue nor how to get more details.
I also checked what went at the network level with tcpdump/wireshark but nothing was really showing.
On postgres side, I don't have any logs about the failure either.
Do you have an idea how to make progress debugging this issue?
Thanks for your help!
Expected Behavior
No response
Steps To Reproduce
I run:
docker run --name kong --rm -e KONG_ADMIN_ACCESS_LOG="/dev/stdout json_admin" -e KONG_ADMIN_LISTEN=0.0.0.0:8001 -e KONG_DATABASE=postgres -e KONG_PG_DATABASE=kong361 -e KONG_PG_HOST=master-postgres.domain.com -e KONG_PG_USER=kong_user -e KONG_PLUGINS=bundled,jwt-consumer-to-users -e KONG_PROXY_ACCESS_LOG="/dev/stdout json_proxy" -e KONG_PROXY_ERROR_LOG=/dev/stdout -e KONG_PROXY_LISTEN=0.0.0.0:8000 -e KONG_PG_SSL="on" -e KONG_PG_PORT=5431 -e KONG_PG_PASSWORD=xxx -e KONG_LOG_LEVEL=debug kong:3.6.1 kong migrations list -vv
Anything else?
No response
The text was updated successfully, but these errors were encountered: