Bug #21219
Updated by Alexis Mousset over 2 years ago
Server installs correctly, but relayd refuses to connect: <pre> rudder-relayd[15117]: ERROR r2d2: connection to server at "localhost" (127.0.0.1), port 5432 failed: SSL error: i2d ecpkparameters failure rudder-relayd[15117]: connection to server at "localhost" (127.0.0.1), port 5432 failed: FATAL: password authentication failed for user "rudder" </pre> and on the postgresql side: <pre> rudder@rudder DETAIL: Connection matched pg_hba.conf line 95: "host all rudder 127.0.0.1/32 md5" rudder@rudder FATAL: password authentication failed for user "rudder" </pre> which looks like a standard "wrong password" case (and the matched acl is the right one). When when adding an @sslmode=disable@ the SSL error disappears, but the connection still fails. <pre> ERROR r2d2: connection to server at "localhost" (127.0.0.1), port 5432 failed: FATAL: password authentication failed for user "rudder" </pre> The connection details look correct: <pre> # grep -A3 output.database /opt/rudder/etc/relayd/main.conf [output.database] url = "postgresql://rudder@localhost:5432/rudder" password = "7cb3e8fad6afd0a07efa" </pre> <pre> # grep PSQL /opt/rudder/etc/rudder-passwords.conf RUDDER_PSQL_PASSWORD:7cb3e8fad6afd0a07efa </pre> And connection works with this password: <pre> $ psql postgresql://rudder@localhost:5432/rudder?password=7cb3e8fad6afd0a07efa psql (14.3 (Ubuntu 14.3-0ubuntu0.22.04.1)) SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off) Type "help" for help. rudder=> </pre> This has only been seen on Ubuntu 22.04 for now (with Rudder 7.1.1). This is notably our most recent supported OS (with openssl 3.0 and postgresql 14).