From: | Thomas Munro <thomas(dot)munro(at)enterprisedb(dot)com> |
---|---|
To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Postgres hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: pgsql: Update ssl test certificates and keys |
Date: | 2019-01-03 21:08:25 |
Message-ID: | CAEepm=1mwToGO267MN+awmYThtUYFt1ujoMsnydDZOypY6B0gA@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers pgsql-hackers |
On Fri, Jan 4, 2019 at 3:36 AM Peter Eisentraut
<peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> On 23/12/2018 09:04, Michael Paquier wrote:
> > On Tue, Nov 27, 2018 at 02:21:39PM +0000, Peter Eisentraut wrote:
> >> Update ssl test certificates and keys
> >>
> >> Debian testing and newer now require that RSA and DHE keys are at
> >> least 2048 bit long and no longer allow SHA-1 for signatures in
> >> certificates. This is currently causing the ssl tests to fail there
> >> because the test certificates and keys have been created in violation
> >> of those conditions.
> >>
> >> Update the parameters to create the test files and create a new set of
> >> test files.
> >
> > Peter, would it make sense to back-patch this commit down to where the
> > SSL tests have been introduced? If /etc/ssl/ is not correctly
> > configured, this results in failures across branches on Debian if the
> > default is used.
>
> done
Thanks. FWIW I've just updated eelpout (a Debian testing BF animal
that runs all the extra tests including SSL) to use libssl-dev
(instead of libssl1.0-dev), and cleared its accache files. Let's see
if that works...
--
Thomas Munro
http://www.enterprisedb.com
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2019-01-03 22:00:39 | pgsql: Improve ANALYZE's handling of concurrent-update scenarios. |
Previous Message | Tom Lane | 2019-01-03 18:40:42 | Re: pgsql: Remove WITH OIDS support, change oid catalog column visibility. |
From | Date | Subject | |
---|---|---|---|
Next Message | Alvaro Herrera | 2019-01-03 21:12:05 | Re: [PATCH][PROPOSAL] Add enum releation option type |
Previous Message | Tom Lane | 2019-01-03 21:01:14 | Re: Unified logging system for command-line programs |