Reputation: 61
RDS PostgreSQL: General error: 7 SSL error: invalid key length
Sometimes I catch an error from RDS PostgreSQL.
SQLSTATE[HY000]: General error: 7 SSL error: invalid key length
Usually it works fine, but sometimes the error.
What could it be? Any ideas?
- Engine: PostgreSQL 9.4.1
- Certificate Authority: rds-ca-2015 (Mar 5, 2020)
- Instance Class: db.m3.medium
- Storage Type: General Purpose (SSD)
- IOPS: disabled
- Storage: 100 GB
- Encryption Enabled: No
- DB Instance Status: available
- Multi AZ: No
Updated 2016-01-18
A SQL request does not matter, I catch the error with different requests, usually primitive. And I don't see any relationship with the SQL request.
I noticed, that it happens when SQL requests have a delay:
- <- Request from PayPal Webhook Event
- -> SQL requests (everything fine)
- -> Request to PayPal REST API for validation (everything fine)
- -> SQL requests (catch the error)
I cannot understand, it's only for AWS / RDS or someone catch it in other cases?
Updated 2016-01-27
From error/postgresql.log
LOG: could not receive data from client: Connection reset by peer
When I'm trying execute a query again I'm getting another error:
SQLSTATE[HY000]: General error: 7 no connection to the server
Reconnecting does not help, I have the same error "no connection to the server"
The script made 50 attempts during the day and in the end the script has worked without the error.
Seems the error related with network or connecting (PDO connecting, PHP-FPM, PHP 5.6, SSL)
Upvotes: 5
Views: 1691
Answers (2)
Reputation: 12197
TLDR;
If you are using OpenSSL or anything related to it and PHP < 7.1, turning off SSL for Postgres might solve your problem.
non-TLDR;
Had same issue with custom framework, Postgres 9.3 on AWS VM and a legacy PHP 5.3.
Worked for 3 years w/o any problems then all of a sudden a simple select started throwing this error without any relevant changes to code/configuration. It wasn't the longest query we have (char count) and it wasn't the query that took a long time to execute.
While SSL was off in Postgres pg_hba.conf, explicitly disabling it in DSN: sslmode=disable (see @Gergo Bacskai answer) did help and the error did not return.
So after a deeper investigation what seems to be the cause is this bug: https://bugs.php.net/bug.php?id=69524
We have started using phpseclib when integrating with 3rd party service and it probably uses openssl_pkey_get_public or some alternative to it and that's the moment we started receiving these errors.
Upvotes: 0
Reputation: 31
Same issue here with Paypal, I turned off the sslmode in the PostgreSQL connection pool (internal network)
sslmode=disable
dsn = 'pgsql:host=host.com;port=5432;dbname=postgres;sslmode=disable'
Upvotes: 3
Related Questions
- How to connect to AWS RDS with SSL encryption from local?
- AWS RDS: FATAL: password authentication failed for user "postgres"
- AWS RDS Postgres connection failure
- Connect Django Postgres to AWS RDS over SSL
- Encountering error 08001 when attempting to connect to database
- Cannot connect to RDS Postgres
- npgsql connecting to AWS RDS PostgreSQL with SSL
- Connecting to Postgres AWS RDS Instance - "certificate verify failed"
- Amazon RDS Postgresql not assigning primary key
- Getting an error trying to connect to Amazon RDS with Postgresql