Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

otp 25 upgrade ssl_opts issue #602

Closed
dvic opened this issue May 19, 2022 · 4 comments
Closed

otp 25 upgrade ssl_opts issue #602

dvic opened this issue May 19, 2022 · 4 comments

Comments

@dvic
Copy link

dvic commented May 19, 2022

Since we upgraded to OTP 25 we're getting

failed to connect: ** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification)
 connection requires a valid client certificate

Before this upgrade our ssl_opts config was working fine. Anyone else encountered this issue?

@greg-rychlewski
Copy link
Member

@dvic Are you still having this issue? Would you be able to provide any details about your ssl_opts ?

@dvic
Copy link
Author

dvic commented May 27, 2022

I have to investigate this further, because some projects I upgraded did not suffer from this problem. I'll get back with more details.

@dvic
Copy link
Author

dvic commented Jul 13, 2022

I still have no idea why this was happening on this particular project but OTP 25.0.1. works now. Maybe it was fixed by the following PR: erlang/otp#6037

@gesta
Copy link

gesta commented Aug 26, 2022

I've been able to fix this error, occurring when attempting to connect to a Google Cloud SQL instance by restricting the versions options in ssl_opts to [:"tlsv1.2"].
While debugging I noticed an initial handshake attempt over TLS v1.3, then downgrading to a handshake over TLS v1.2 and then an error being returned. After restricting to TLS v1.2 only, the initial handshake attempt is successful and a connection is established afterwards.
NB: Google Cloud SQL supports only TLS versions 1.0, 1.1 and 1.2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants