Specifies how much data can flow over an SSL-encrypted connection before renegotiation of the session keys will take place. Renegotiation decreases an attacker's chances of doing cryptanalysis when large amounts of traffic can be examined, but it also carries a large performance penalty. The sum of sent and received traffic is used to check the limit. If this parameter is set to 0, renegotiation is disabled. The default is
SSL libraries from before November 2009 are insecure when using SSL renegotiation, due to a vulnerability in the SSL protocol. As a stop-gap fix for this vulnerability, some vendors shipped SSL libraries incapable of doing renegotiation. If any such libraries are in use on the client or server, SSL renegotiation should be disabled.
Due to bugs in OpenSSL enabling ssl renegotiation, by configuring a non-zero
ssl_renegotiation_limit, is likely to lead to problems like long-lived connections breaking.
- Postgresql NpgSql connection handling extra query and multiple close connection
- psql command not responding
- psql: could not connect to server: Connection refused Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5432?
- PostgreSQL SSL Configuration
- PSQLException when connecting to Postgres server via JDBC in same LAN (PGAdmin works)