modoboa: Postgresql: could not accept SSL connection: Success

No bug! Only for security.

Impacted versions

  • Modoboa: 1.3.1
  • installer used: Yes
  • Webserver: Nginx

Steps to reproduce

$ tail -f /var/log/postgresql/postgresql-9.6-main.log
2019-03-20 14:02:36.302 UTC [13497] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:02:36.422 UTC [13503] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:03:07.046 UTC [13599] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:03:07.181 UTC [13605] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:03:38.301 UTC [13619] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:03:38.417 UTC [13625] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:04:09.310 UTC [13765] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:04:09.443 UTC [13771] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:04:40.070 UTC [13785] [unknown]@[unknown] LOG:  could not accept SSL connection: Success
2019-03-20 14:04:40.214 UTC [13791] [unknown]@[unknown] LOG:  could not accept SSL connection: Success

Hey, my Postgresql with default modoboa settings show this log. How can i fix ssl for postgresql? Steps:

  • Needs to change Hostname to fqdn (settings.py)?
  • change postgresql settings to currently used letsencrypt cert?

Thanks

/srv/modoboa/instance/instance/settings.py

DATABASES = {
    
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'modoboa',
        'USER': 'modoboa',
        'PASSWORD': 'xxx',
        'HOST': '127.0.0.1',
        'PORT': '',
        'ATOMIC_REQUESTS': True,
        
    },

    'amavis': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': 'amavis',
        'USER': 'amavis',
        'PASSWORD': 'xxx',
        'HOST': '127.0.0.1',
        'PORT': '',
        'ATOMIC_REQUESTS': True,
        
    },

}

/etc/postgresql/9.6/main/postgresql.conf

# - Security and Authentication -

#authentication_timeout = 1min          # 1s-600s
ssl = true                              # (change requires restart)
#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
                                        # (change requires restart)
#ssl_prefer_server_ciphers = on         # (change requires restart)
#ssl_ecdh_curve = 'prime256v1'          # (change requires restart)
ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'          # (change requires restart)
ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'         # (change requires restart)
#ssl_ca_file = ''                       # (change requires restart)
#ssl_crl_file = ''                      # (change requires restart)
#password_encryption = on
#db_user_namespace = off
#row_security = on

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 18 (7 by maintainers)

Most upvoted comments

sorry for the delay…

Yes it works fine. I think the “problem” was only: ssl = true # (change requires restart)

+1
cremesk on Apr 30, 2019
Read more comments on GitHub
← modoboa-installer: installer fails because of "new" pip dependency resolver
core: __webpack_modules__[moduleId] is not a function →