| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Postgres hackers <pgsql-hackers(at)postgresql(dot)org> |
| Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Subject: | SSL tests failing with "ee key too small" error on Debian SID |
| Date: | 2018-09-17 13:13:40 |
| Message-ID: | 20180917131340.GE31460@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi all,
On a rather freshly-updated Debian SID server, I am able to see failures
for the SSL TAP tests:
2018-09-17 22:00:27.389 JST [13072] LOG: database system is shut down
2018-09-17 22:00:27.506 JST [13082] FATAL: could not load server
certificate file "server-cn-only.crt": ee key too small
2018-09-17 22:00:27.506 JST [13082] LOG: database system is shut down
2018-09-17 22:00:27.720 JST [13084] FATAL: could not load server
certificate file "server-cn-only.crt": ee key too small
Wouldn't it be better to rework the rules used to generate the different
certificates and reissue them in the tree? It seems to me that this is
just waiting to fail in other platforms as well..
Thanks,
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Chris Travers | 2018-09-17 13:15:11 | Re: [PATCH] Fix for infinite signal loop in parallel scan |
| Previous Message | Chris Travers | 2018-09-17 13:05:08 | Re: [PATCH] Fix for infinite signal loop in parallel scan |