Rails + Postgresql Ssl Decryption Failure

Rails + PostgreSQL SSL decryption failure

If the database is running on localhost only, turn SSL off: it's not really useful to encrypt a local connection. Either set ssl=false in postgresql.conf (and restart the db server) or tell your client not to use SSL while connecting. Some installations configure PostgreSQL to use SSL by default.

uWSGI, Flask, sqlalchemy, and postgres: SSL error: decryption failed or bad record mac

The issue ended up being uwsgi's forking.

When working with multiple processes with a master process, uwsgi initializes the application in the master process and then copies the application over to each worker process. The problem is if you open a database connection when initializing your application, you then have multiple processes sharing the same connection, which causes the error above.

The solution is to set the lazy configuration option for uwsgi, which forces a complete loading of the application in each process:

lazy

Set lazy mode (load apps in workers instead of master).

This option may have memory usage implications as Copy-on-Write semantics can not be used. When lazy is enabled, only workers will be reloaded by uWSGI’s reload signals; the master will remain alive. As such, uWSGI configuration changes are not picked up on reload by the master.

There's also a lazy-apps option:

lazy-apps

Load apps in each worker instead of the master.

This option may have memory usage implications as Copy-on-Write semantics can not be used. Unlike lazy, this only affects the way applications are loaded, not master’s behavior on reload.

This uwsgi configuration ended up working for me:

[uwsgi]
socket = /tmp/my_app.sock
logto = /var/log/my_app.log
plugins = python3
virtualenv =  /path/to/my/venv
pythonpath = /path/to/my/app
wsgi-file = /path/to/my/app/application.py
callable = app
max-requests = 1000
chmod-socket = 666
chown-socket = www-data:www-data
master = true
processes = 2
no-orphans = true
log-date = true
uid = www-data
gid = www-data

# the fix
lazy = true
lazy-apps = true

Postgres error on Heroku with Resque

Thanks to the comments of "Rails beginner" and "mu is too short" I found the solution.

I've added this to an initializer and it did the trick!

Resque.after_fork = Proc.new { ActiveRecord::Base.establish_connection }

Django python-rq -- DatabaseError SSL error: decryption failed or bad record mac

The problem is solved by closing the DB connection at the beginning of each job.

For example,

@job
some_job():
    from django.db import connection
    connection.close()
    some_more_code()

Resque Workers on Heroku locked out of Postgres DB SSL- no fix yet

OK, so couldn't figure this out...

Switched over to delayed job and it's working much better. A little frustrating that I can't send push notifications with apn_sender anymore, but apn_on_rails is working fine.

Weird problem, still curious...


Related Topics

Oracle SQL Date Range Intersections

How to Retrieve a Very Long Xml-String from an SQL Database with R

Get The Inverse of a Join

Building a Table Dependency Graph with a Recursive Query

How to Get Referenced Values from Another Table

How to Extract Certain Nth Character from a String in Sql

How to Pass Two SQL Tables as Input Parameter for R Codes in SQL Server

Postgresql Update Trigger

Sql Server Server Query - Count Distinct Datetime Field

Replacing Only The Nth Instance of Character

Recursive Query Challenge - Simple Parent/Child Example

Pagination with The Stored Procedure

How to Get Information About an Index and Table Owner in Oracle

Sql Server 2008 - How to Convert Gmt(Utc) Datetime to Local Datetime

Rodbc and Microsoft SQL Server: Truncating Long Character Strings

How to Find What Foreign Key References an Index on Table

Sql Query to Find Last Day of Current Month

Count Distinct Records (All Columns) Not Working


Leave a reply



Submit