Comments (6)
https://docs.konghq.com/gateway/changelog/#3600
In OpenSSL 3.2, the default SSL/TLS security level has been changed from 1 to 2. This means the security level is set to 112 bits of security. As a result, the following are prohibited:
RSA, DSA, and DH keys shorter than 2048 bits
ECC keys shorter than 224 bits
Any cipher suite using RC4
SSL version 3 Additionally, compression is disabled.
Bumped OpenSSL from 3.1.4 to 3.2.1 #12264
@salyh Thanks for your report. Could you please check the TLS settings of your Postgres database? This issue might be caused by the behavior changes of OpenSSL.
from kong.
seems to be the same issue as #12702
from kong.
Thanks to @weberpatr. @fffonion Any update on this issue?
from kong.
Seems 3.7.x is imminent to fix the postgres TLS issues, see here for a possible workaround too:
#12702 (comment)
from kong.
It's fixed in 3.7, please refer to #12592.
from kong.
can confirm the issue is solved after updating to 3.7
thanks a lot!
from kong.
Related Issues (20)
- Strings in luajit are infinitely bloated, even if they are not rereferenced in the lua vm HOT 3
- Kong 3.7.1 Exponential memory growth over time. HOT 16
- Failure to enable openid-connect plugin HOT 4
- Kong DP keep restarting HOT 3
- Error occurs on endpoints when `tags` parameter is empty HOT 1
- Postgres read/write primary node seeming timeouts led to runtime traffic failures on existing runtime proxies HOT 2
- ip address based rate-limiting does not use real client ip address but last proxy ip address HOT 4
- [healthchecks] failed setting peer status (upstream: 7b069e34-9542-48cb-8a16-15eb144a3e5d:rest-service-upstream): not a known address, context: ngx.timer HOT 6
- [key-auth]: Query parameters truncated to first 100 when `hide_credentials` is set to true HOT 7
- Self-signed certificate error upon hitting proxy-URL in kong HOT 3
- The upstream_response_time in kong's access.log is much larger than the actual processing time of the upstream service HOT 3
- docker compose setup not working HOT 2
- the incorrect certificate name HOT 1
- Inconsistent TLS Verify behavior between Nginx and Kong Service level TLS configuration
- ai-proxy nil error with bedrock misconfiguration HOT 1
- Timeout in liveness / readiness probes leading to outage HOT 2
- [response-ratelimiting] Missing upstream usage headers in Kong 3.8 HOT 2
- `"validations.kong.konghq.com" denied the request: consumer already exists` error in isolated namespaces HOT 2
- Multiple JWT Secrets Causing "Invalid Signature" Due to Incorrect Validation Order in KongConsumer
- kong runtime not effective immediately after kic update the config by calling /config?hash_check=1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kong.