Re: SSL tests failing with "ee key too small" error on Debian SID
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Thomas Munro <thomas.munro@enterprisedb.com>
Cc: Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>, Pg Hackers <pgsql-hackers@postgresql.org>, Heikki Linnakangas <hlinnaka@iki.fi>
Date: 2018-11-26T00:35:56Z
Lists: pgsql-hackers
On Mon, Nov 26, 2018 at 01:17:24PM +1300, Thomas Munro wrote: > On Wed, Oct 3, 2018 at 1:32 PM Michael Paquier <michael@paquier.xyz> wrote: >> I find your suggestion quite tempting at the end instead of having to >> tweak the global system's configuration. That should normally work with >> any configuration. This would require regenerating the certs in the >> tree. Any thoughts from others? > > I don't really have opinion here, but I wanted to point out that > src/test/ldap/t/001_auth.pl creates new certs on the fly, which is a > bit inconsistent with the SSL test's approach of certs-in-the-tree. > Which is better? When going up to 2k, it takes longer to generate the keys than to run the tests, so keeping them in the tree looks like a pretty good gain to me. -- Michael
Commits
-
Update ssl test certificates and keys
- 7f2576812655 9.5.16 landed
- ba26b3172f03 9.6.12 landed
- 114635e55235 10.7 landed
- 1b0294d9a02c 11.2 landed
- f17889b22141 12.0 landed