Error: Unencrypted data received after SSL request

#php editor Baicao sometimes encounters a common error message during network development: "Error: Unencrypted data received after SSL request." This error message usually appears when using the HTTPS protocol for data transmission, indicating that the data is not encrypted. This issue could lead to data leakage or tampering, so it needs to be addressed promptly. In this article, we will introduce the cause and solution of this error in detail to help developers solve this problem smoothly.

Question content

I have opened a tcp connection to the database server using the following method:

conn, err := net.dial("tcp", "localhost:5432") I succeeded after running this code:

_, err = conn.Write([]byte(query))
    if err != nil {
        fmt.Printf("Query failed: %v\n", err)
        return


    // Read the response and print the result in table view
    buf := make([]byte, 50000)
    n, err := conn.Read(buf)
    if err != nil {
        fmt.Printf("Failed to read response: %v\n", err)
        return
    }
    fmt.Printf("Response received: %s\n", string(buf[:n]))

It prints: Reply received: n

The server’s log file shows:

2023-02-22 22:59:49.834 pkt [54802] fatal: Unencrypted data received after ssl request

2023-02-22 22:59:49.834 pkt [54802] Details: This may be evidence of a client software bug or an attempted man-in-the-middle attack.

Workaround

By default, the postgresql server requires all of its clients to use ssl encrypted connections, so it will always reject your request.

For testing/development purposes and realizing that your connection will not be secure, there are a few tricks you can use to work around this:

1. Create a connection to the tls package and allow it to skip certificate verification.

tlsconfig := &tls.config{
    insecureskipverify: true,
  }
        
  conn, err := tls.dial("tcp", "localhost:5432", tlsconfig)

If you can, always use the database/sql package, which abstracts all these database vendor specifics for you. Set sslmode to disabled.

connstr := "user=myuser password=mypassword dbname=mydb host=localhost sslmode=disable"
  db, err := sql.open("postgres", connstr)
  if err != nil {
      fmt.printf("failed to connect to server: %v\n", err)
      return
  }
  defer db.close()

Locate the pg_hba.conf file in the postgresql installation data directory and add the following line to always trust your localhost:

host    postgres   postgres   127.0.0.1/32    trust

Assume the username is postgres

1. Find the postgres.conf file in the postgresql installation data directory, and set the ssl parameter to off.

Keep in mind that all of these configurations will still make your connection insecure and vulnerable to attack.

To create a ssl connection correctly, you need to set up a certificate. This gist should help.

The above is the detailed content of Error: Unencrypted data received after SSL request. For more information, please follow other related articles on the PHP Chinese website!