2 Answers
- Newest
- Most votes
- Most comments
0
Try regional or global bundles:
- https://truststore.pki.rds.amazonaws.com/ca-central-1-bundle.pem
- https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
Try to use different versions of pgadmin, maybe there is a bug in your specific version
0
Hello. I have the same problem. Has anyone had any insight?
On the RDS log, I only have the message could not accept SSL connection: Connection reset by peer
.
answered a month ago
Relevant content
- asked 4 months ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 7 months ago
For sslmode tried verify-full, verify-ca, require. tested for sslrootecert: ca-central-1-bundle.pem and global-bundle.pem psql "host=HOST port=5432 dbname=testDB user=testUS sslrootcert=ca-central-1-bundle.pem sslmode=verify-ca" Get "server closed the connection unexpectedly SSL SYSCALL error: Connection reset by peer", also SSL error in RDS log. Can telnet to the host/port in Ubuntu WSL/Windows. same error I get from psql (in WSL) or PGAdmin in Windows. In console for RDS, "Connectivity and security" tab the security shows "Publicly accesssible : no", is this the issue even if can telnet?
"Publicly accesssible : no" is the best practice. This makes your DB private. try to connect from Linux using "psql" tool. If it works, the issue is with PGAdmin
No, it does not work with both pgsql from WSL Ubuntu 22 as well as from PGAdmin on Windows. the error is the same in both ("server closed the connection unexpectedly SSL SYSCALL error: Connection reset by peer"). As mentioned I tried with sslmode verify-full, verify-ca, require. Tested with sslrootecert: ca-central-1-bundle.pem and global-bundle.pem. psql command line is my comment above.
Thank you very much for input.
Does it work without SSL?
No, it does not. if i try without SSL it errors with
"connection to server at ...., port 5432 failed: FATAL: no pg_hba.conf entry for host ...., user ..., database ..., SSL off" which just shows it need SSL (rds.force_ssl=1)