Convert encrypted SSL test keys to PKCS#8 format

Peter Eisentraut <peter@eisentraut.org>

Commit: 648c72956f980771c5a3686ee68c5e2c5b62a534
Author: Peter Eisentraut <peter@eisentraut.org>
Date: 2023-08-28T05:37:43Z
Releases: 17.0
Convert encrypted SSL test keys to PKCS#8 format

OpenSSL in FIPS mode rejects several encrypted private keys used in
the test suites ssl and ssl_passphrase_callback.  This is because they
are in a "traditional" OpenSSL format that uses MD5 for key
generation.  The fix is to convert them to the more standard PKCS#8
format that uses SHA1 for key derivation.

This commit contains the converted keys, with the conversion done like
this:

openssl pkcs8 -topk8 -in src/test/modules/ssl_passphrase_callback/server.key -passin pass:FooBaR1 -out src/test/modules/ssl_passphrase_callback/server.key.new -passout pass:FooBaR1
mv src/test/modules/ssl_passphrase_callback/server.key.new src/test/modules/ssl_passphrase_callback/server.key

etc., as well as updated build rules to generate the keys in the new
format if they need to be regenerated.

Reviewed-by: Jacob Champion <jchampion@timescale.com>
Discussion: https://www.postgresql.org/message-id/flat/64de784b-8833-e055-3bd4-7420e6675351%40eisentraut.org

Files

Discussion