On Tue, 2025-08-26 at 19:48 +0800, xx Z wrote: > Is there a way for a streaming replication standby (client) to restrict its list > of supported TLS ciphers, similar to how the ssl_ciphers parameter works on the > primary server? > We need this for security compliance but can't find an equivalent setting for > the client-side connection in primary_conninfo. I don't think that there is a way to do that on the client side. But the streaming replication primary is surely under your control, so it should be sufficient to set "ssl_siphers" there. Yours, Laurenz Albe
