Update ssl test certificates and keys

Peter Eisentraut <peter_e@gmx.net>

Commit: f17889b2214194d7bd33900509bf08959d5a7efa
Author: Peter Eisentraut <peter_e@gmx.net>
Date: 2018-11-27T14:16:14Z
Releases: 12.0
Update ssl test certificates and keys

Debian testing and newer now require that RSA and DHE keys are at
least 2048 bit long and no longer allow SHA-1 for signatures in
certificates.  This is currently causing the ssl tests to fail there
because the test certificates and keys have been created in violation
of those conditions.

Update the parameters to create the test files and create a new set of
test files.

Author: Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>
Reported-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://www.postgresql.org/message-id/flat/20180917131340.GE31460%40paquier.xyz

Files

PathChange+/−
src/test/ssl/cas.config modified +3 −3
src/test/ssl/Makefile modified +1 −1
src/test/ssl/ssl/both-cas-1.crt modified +47 −30
src/test/ssl/ssl/both-cas-2.crt modified +47 −30
src/test/ssl/ssl/client_ca.crt modified +15 −9
src/test/ssl/ssl/client_ca.key modified +25 −13
src/test/ssl/ssl/client+client_ca.crt modified +29 −18
src/test/ssl/ssl/client.crl modified +9 −7
src/test/ssl/ssl/client.crt modified +14 −9
src/test/ssl/ssl/client.key modified +25 −13
src/test/ssl/ssl/client-revoked.crt modified +14 −9
src/test/ssl/ssl/client-revoked.key modified +25 −13
src/test/ssl/ssl/root_ca.crt modified +17 −12
src/test/ssl/ssl/root_ca.key modified +25 −13
src/test/ssl/ssl/root+client_ca.crt modified +32 −21
src/test/ssl/ssl/root+client.crl modified +18 −13
src/test/ssl/ssl/root.crl modified +9 −6
src/test/ssl/ssl/root+server_ca.crt modified +32 −21
src/test/ssl/ssl/root+server.crl modified +18 −13
src/test/ssl/ssl/server_ca.crt modified +15 −9
src/test/ssl/ssl/server_ca.key modified +25 −13
src/test/ssl/ssl/server-cn-and-alt-names.crt modified +16 −11
src/test/ssl/ssl/server-cn-and-alt-names.key modified +25 −13
src/test/ssl/ssl/server-cn-only.crt modified +16 −11
src/test/ssl/ssl/server-cn-only.key modified +25 −13
src/test/ssl/ssl/server.crl modified +9 −7
src/test/ssl/ssl/server-multiple-alt-names.crt modified +17 −12
src/test/ssl/ssl/server-multiple-alt-names.key modified +25 −13
src/test/ssl/ssl/server-no-names.crt modified +16 −10
src/test/ssl/ssl/server-no-names.key modified +25 −13
src/test/ssl/ssl/server-password.key modified +26 −14
src/test/ssl/ssl/server-revoked.crt modified +16 −11
src/test/ssl/ssl/server-revoked.key modified +25 −13
src/test/ssl/ssl/server-single-alt-name.crt modified +16 −10
src/test/ssl/ssl/server-single-alt-name.key modified +25 −13
src/test/ssl/ssl/server-ss.crt modified +17 −11
src/test/ssl/ssl/server-ss.key modified +25 −13

Discussion