I cannot connect to Postgres with sql_ssl_verify: true. I have the above error messages. When I use a simple psql client using the same certificates, it works:
~ $ psql "sslmode=verify-full sslrootcert=/opt/ejabberd/certs/cnpg-tls/ca.crt sslcert=/opt/ejabberd/certs/cnpg-tls/tls.crt sslkey=/opt/ejabberd/certs/cnpg-tls/tls.key host=cnpg-ejabberd-testing-abc port=5432 u
ser=ejabberd dbname=ejabberd"
psql (15.6, server 16.2 (Debian 16.2-1.pgdg110+2))
WARNING: psql major version 15, server major version 16.
Some psql features might not work.
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, compression: off)
Type "help" for help.
ejabberd=>
Environment
26.2
Configuration (only if needed): grep -Ev '^$|^\s*#' ejabberd.yml
Errors from error.log/crash.log
Bug description
I cannot connect to Postgres with
sql_ssl_verify: true
. I have the above error messages. When I use a simplepsql
client using the same certificates, it works:Here is the corresponding Postgres error message:
The CA certificate is PEM encoded. Without the
sql_ssl_verify: true
option, only presenting the client certificate, it works.I am not sure if this is a problem on my side with ejabberd or Postgres. I am happy for any advice.