Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1to1m7-0050IO-Gb for pgsql-general@arkaria.postgresql.org; Fri, 28 Feb 2025 14:55:40 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1to1m7-008Ap9-Mi for pgsql-general@arkaria.postgresql.org; Fri, 28 Feb 2025 14:55:38 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1to1jM-0083xE-MT for pgsql-general@lists.postgresql.org; Fri, 28 Feb 2025 14:52:47 +0000 Received: from mail-ed1-x52d.google.com ([2a00:1450:4864:20::52d]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1to1jH-000Bup-2M for pgsql-general@postgresql.org; Fri, 28 Feb 2025 14:52:46 +0000 Received: by mail-ed1-x52d.google.com with SMTP id 4fb4d7f45d1cf-5e0939c6456so2990216a12.3 for ; Fri, 28 Feb 2025 06:52:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1740754364; x=1741359164; darn=postgresql.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=KeKOmuzYHbzuXAvUYjdcIytvZInJ0iNwDY1z/p9qLKc=; b=chQAHbSPFxTHai7g1YPPrV3XoJwJEbPEsyG2ddpGp5l9lscVaPQmbFvkJ34aDJr3Sl dHdMb6eIG4qe3mXh1sfMRHruZSexeboKdednSsJAqiXKRUpGx1popoJKxndVOH1JQpKx owe/0NW4DE5nzasoUhK8m48sW5YCQhm0D3O5o0IZroUe7Re4k6ujvX+kdYR1MdTa2dNy 79n3pJN46t2NYcc+4KjuIIbdIrOgK5m0VbCpLfcyuLpNtrn05Qug9cucBMMVcdZ1YId6 xRRTrD1nlEovxru9QOw71Ms72yCw+RnBphGML0KMR6fHQEkXH0YHdrV7FMUk11Ghlk+D 4oVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740754364; x=1741359164; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=KeKOmuzYHbzuXAvUYjdcIytvZInJ0iNwDY1z/p9qLKc=; b=BWxRFce9P88mdPmxjrhw4aFREdL7LE380kf/04tL4S4BlTPkEJzfN6xPr9T11d9GNq W5XH0N7iWC7nJVcy/qTwHJ4/1FfR0JGE87IywbDZfcfK4xgw1dNDINS/n6y6DU1KfWT2 ciM5vpPbx6zfc9XjZaG9lB5ubgrw+ojgLL0PMomou0omZteTgWw7oSCuh9OqIG4mlQH6 BwpGtiSZeZdlhyV/tJF0klV6ggeQk1/znplj9iO3dy6arSvYhcQCu3dgP1XP6HJhIRY6 i2Ddqp5ozHrJGewKZZl8zjCkPXcqA0LX0Wa7no3uSnieaVS4RL64x3ClU3bQWOYUF2B6 WWqQ== X-Gm-Message-State: AOJu0Yzfr1g+3xTmf7OT+sNKoNZMBj/xGQBEWWuLqGgfNhVVoVXxAMAz JQL0S77Ww1dt8gMRoWLy8kI0NkpoD8em4x4KQHbgnbj5wroaFzimoMZdDXBjBGt4c0qxwMpv78g 7uGgeiuWxFHdWxifo/hFr/duNX75L1v3pyQM= X-Gm-Gg: ASbGnct20Lr+opQ4kbwUmvDH1bawjTas66yxWaqqtxW8je4+IVXGfe/K10FuTASMbfM AzEcIDcslBCpxbN3UROvPpJfe/LFQ2BrWe4Zk48lDsx/aCnHoTWtKohLA5xxFjqlz7KIr/qU2oq OeGeSKcGem X-Google-Smtp-Source: AGHT+IGtJyNLRQVlj5VNhXDMzGcktnkVx3SdZ+EDd6Pjlj2jx0L1GPR4njBySZcKFKd0H0gJcWevqTLLYaHeIepCoOw= X-Received: by 2002:a05:6402:350b:b0:5de:dd6b:a7b0 with SMTP id 4fb4d7f45d1cf-5e4d6ad3bc0mr1875690a12.1.1740754364137; Fri, 28 Feb 2025 06:52:44 -0800 (PST) MIME-Version: 1.0 From: Alexander Farber Date: Fri, 28 Feb 2025 15:52:32 +0100 X-Gm-Features: AQ5f1Jq-HrAcDEhSuYLNVZZCwFWY2gCFyhy5dznLYOaqIgC0bHviK_t4yvbptTw Message-ID: Subject: Azure Database for PostgreSQL flexible server: password authentication failed To: pgsql-general Content-Type: multipart/alternative; boundary="00000000000084107e062f34f593" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --00000000000084107e062f34f593 Content-Type: text/plain; charset="UTF-8" Good afternoon, I am using an Azure Database for PostgreSQL flexible server with no public ip. It is connected to a private VNet and I try to access it from an Alpine Linux container with openssl and postgresql-client installed. In Azure portal I have clicked the "Reset password" button, entered twice password12345!! and received the web browser notification "Successfully reset the password for postgresql" Then I run the commands: $ openssl s_client -connect 172.21.32.4:5432 -starttls postgres (then after some time) 2C820000:error:8000274C:system library:BIO_connect:Unknown error:../openssl-3.2.3/crypto/bio/bio_sock2.c:178:calling connect() 2C820000:error:10000067:BIO routines:BIO_connect:connect error:../openssl-3.2.3/crypto/bio/bio_sock2.c:180: connect:errno=0 $ PGPASSWORD="password12345!!" psql "postgresql://postgres:password12345!!@ 172.21.32.4:5432/postgres?sslmode=require" psql: error: connection to server at "172.21.32.4", port 5432 failed: FATAL: password authentication failed for user "postgres" In the server logs I see entries for some other connections: 2025-02-28 14:39:35 UTC-67c1ca93.50ee-LOG: disconnection: session time: 0:00:20.024 user=azuresu database=postgres host=169.254.128.1 port=53076 2025-02-28 14:39:36 UTC-67c1caa8.5146-LOG: connection received: host=169.254.128.1 port=49016 2025-02-28 14:39:36 UTC-67c1caa8.5146-LOG: connection authenticated: identity=\"CN=azuresu.c1fba9900d4d.database.azure.com\" method=cert (/datadrive/pg/data/pg_hba.conf:17) 2025-02-28 14:39:36 UTC-67c1caa8.5146-LOG: connection authorized: user=azuresu database=postgres SSL enabled (protocol=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384, bits=256) I do not see any logs related to my unsuccessful tries. In the "Server parameters" I have set the parameters: log_connections ON log_hostname ON log_statement MOD max_connections 500 ssl ON (cannot change that one) listen_address '*' (cannot change that one) And currently I am stuck, wonder how do others debug such problems? Best regards Alex --00000000000084107e062f34f593 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Good afternoon= ,

I am using an=C2=A0Azure Database for PostgreSQL flexible server w= ith no public ip.

It is connected to a private VNet and I try to acc= ess it from an Alpine Linux container with openssl and postgresql-client in= stalled.

In Azure portal I have clicked the "Reset password&quo= t; button, entered twice=C2=A0password12345!! and received the web browser = notification
"Successfully reset the password for postgresql= "

Then I run the commands:

$ openssl s_client -conn= ect 172.21.32.4:5432 -starttls post= gres
(then after some time)
2C820000:error:8000274C:system li= brary:BIO_connect:Unknown error:../openssl-3.2.3/crypto/bio/bio_sock2.c:178= :calling connect()
2C820000:error:10000067:BIO routines:BIO_conne= ct:connect error:../openssl-3.2.3/crypto/bio/bio_sock2.c:180:
con= nect:errno=3D0

$ PGPASSWORD=3D"password12345!= !" psql "postgresql://postgres:password12345!!@172.21.32.4:5432/postgres?sslm= ode=3Drequire"
psql: error: connection to server at &quo= t;172.21.32.4", port 5432 failed: FATAL:=C2=A0 password authentication= failed for user "postgres"

In the server log= s I see entries for some other connections:

2025-02-28 14:39:35= UTC-67c1ca93.50ee-LOG:=C2=A0 disconnection: session time: 0:00:20.024 user= =3Dazuresu database=3Dpostgres host=3D169.254.128.1 port=3D53076
= 2025-02-28 14:39:36 UTC-67c1caa8.5146-LOG:=C2=A0 connection received: host= =3D169.254.128.1 port=3D49016
2025-02-28 14:39:36 UTC-67c1caa8.51= 46-LOG:=C2=A0 connection authenticated: identity=3D\"CN=3Dazuresu.c1fba9900d4d.databas= e.azure.com\" method=3Dcert (/datadrive/pg/data/pg_hba.conf:17)
2025-02-28 14:39:36 UTC-67c1caa8.5146-LOG:=C2=A0 connection authori= zed: user=3Dazuresu database=3Dpostgres SSL enabled (protocol=3DTLSv1.3, ci= pher=3DTLS_AES_256_GCM_SHA384, bits=3D256)

I do not see any logs r= elated to my unsuccessful tries.

In the "Server parameters"= ; I have set the parameters:

log_connections ON
log_hostname ONlog_statement MOD
max_connections 500
ssl ON (cannot change that on= e)
listen_address '*' (cannot change that one)

And curren= tly I am stuck, wonder how do others debug such problems?

Best regar= ds
Alex
--00000000000084107e062f34f593--