Quick Links

Re: SSL tests failing with "ee key too small" error on Debian SID

From:	Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
To:	Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp>, michael(at)paquier(dot)xyz
Cc:	pgsql-hackers(at)postgresql(dot)org, hlinnaka(at)iki(dot)fi
Subject:	Re: SSL tests failing with "ee key too small" error on Debian SID
Date:	2018-11-27 14:24:26
Message-ID:	e3be1352-36f0-5669-7e66-00b7321d6384@2ndquadrant.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On 01/10/2018 14:18, Kyotaro HORIGUCHI wrote:
> The attached second patch just changes key size to 2048 bits and
> "ee key too small" are eliminated in 001_ssltests_master, but
> instead I got "ca md too weak" error. This is eliminated by using
> sha256 instead of sha1 in cas.config. (third attached)

I have applied these configuration changes and created a new set of test
files with them.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to

Re: SSL tests failing with "ee key too small" error on Debian SID at 2018-10-01 12:18:01 from Kyotaro HORIGUCHI

Responses

Re: SSL tests failing with "ee key too small" error on Debian SID at 2018-11-27 14:37:17 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Peter Eisentraut	2018-11-27 14:27:50	Re: SSL tests failing with "ee key too small" error on Debian SID
Previous Message	Peter Eisentraut	2018-11-27 14:21:39	pgsql: Update ssl test certificates and keys