Participants
luzangelad
luzangelad
Attachments
Show all attachments
Thread Outline
#1luzangeladluzangelad
Feb 20, 2014

FIPS mode - SSL connection fails

Started by luzangeladabout 12 years ago1 messagesgeneral
Jump to latest
#1luzangelad
luzangelad
luz_diaz@mcafee.com

We recently upgraded to version 8.4.18 within our product but this upgrade
has caused SSL connections to fail when OpenSSL is in FIPS mode.

We receive the following error:
2014-02-20 01:44:23 PST [9339]: [1-1] db=[unknown],user=[unknown] LOG:
could not accept SSL connection: decryption failed or bad record mac

While looking through the recent changes, we found that commenting out the
"RAND_cleanup();" call in "src/backend/postmaster/fork_process.c" allows the
connection to succeed.

Any ideas on why this "RAND_cleanup();" would cause SSL failure in FIPS
mode?
Is there a work around? Or is this possibly a known issue?

Thanks.

--
View this message in context: http://postgresql.1045698.n5.nabble.com/FIPS-mode-SSL-connection-fails-tp5792937.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

← Back to Topics