How to configure client-side TLS ciphers for streaming replication?

public inbox for [email protected]  
help / color / mirror / Atom feed

From: xx Z <[email protected]>
To: [email protected]
Subject: How to configure client-side TLS ciphers for streaming replication?
Date: Tue, 26 Aug 2025 19:48:44 +0800
Message-ID: <CA+aQVjKMYngg0AVHVOcj8veB5yqoA=HCTKe-QQ3q-AovHTB0SQ@mail.gmail.com> (raw)

Hello,
Is there a way for a streaming replication standby (client) to restrict its
list of supported TLS ciphers, similar to how the ssl_ciphers parameter
works on the primary server?
We need this for security compliance but can't find an equivalent setting
for the client-side connection in primary_conninfo.
Thanks,

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: How to configure client-side TLS ciphers for streaming replication?
  In-Reply-To: <CA+aQVjKMYngg0AVHVOcj8veB5yqoA=HCTKe-QQ3q-AovHTB0SQ@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox