public inbox for [email protected]
help / color / mirror / Atom feedFrom: Laurenz Albe <[email protected]>
To: xx Z <[email protected]>
To: [email protected]
Subject: Re: How to configure client-side TLS ciphers for streaming replication?
Date: Tue, 26 Aug 2025 14:16:58 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <CA+aQVjKMYngg0AVHVOcj8veB5yqoA=HCTKe-QQ3q-AovHTB0SQ@mail.gmail.com>
References: <CA+aQVjKMYngg0AVHVOcj8veB5yqoA=HCTKe-QQ3q-AovHTB0SQ@mail.gmail.com>
On Tue, 2025-08-26 at 19:48 +0800, xx Z wrote:
> Is there a way for a streaming replication standby (client) to restrict its list
> of supported TLS ciphers, similar to how the ssl_ciphers parameter works on the
> primary server?
> We need this for security compliance but can't find an equivalent setting for
> the client-side connection in primary_conninfo.
I don't think that there is a way to do that on the client side.
But the streaming replication primary is surely under your control, so it should
be sufficient to set "ssl_siphers" there.
Yours,
Laurenz Albe
view thread (2+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: How to configure client-side TLS ciphers for streaming replication?
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox