Re: SSL tests failing with "ee key too small" error on Debian SID
Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
From: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>
To: Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>, michael@paquier.xyz
Cc: pgsql-hackers@postgresql.org, hlinnaka@iki.fi
Date: 2018-11-27T14:24:26Z
Lists: pgsql-hackers
On 01/10/2018 14:18, Kyotaro HORIGUCHI wrote: > The attached second patch just changes key size to 2048 bits and > "ee key too small" are eliminated in 001_ssltests_master, but > instead I got "ca md too weak" error. This is eliminated by using > sha256 instead of sha1 in cas.config. (third attached) I have applied these configuration changes and created a new set of test files with them. -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
Commits
-
Update ssl test certificates and keys
- 7f2576812655 9.5.16 landed
- ba26b3172f03 9.6.12 landed
- 114635e55235 10.7 landed
- 1b0294d9a02c 11.2 landed
- f17889b22141 12.0 landed