Home > mailing lists

SSL tests failing with "ee key too small" error on Debian SID - Mailing list pgsql-hackers

From	Michael Paquier
Subject	SSL tests failing with "ee key too small" error on Debian SID
Date	September 17, 2018 19:13:40
Msg-id	20180917131340.GE31460@paquier.xyz Whole thread Raw
Responses	Re: SSL tests failing with "ee key too small" error on Debian SID (Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>)
List	pgsql-hackers

Tree view

Hi all,

On a rather freshly-updated Debian SID server, I am able to see failures
for the SSL TAP tests:
2018-09-17 22:00:27.389 JST [13072] LOG:  database system is shut down
2018-09-17 22:00:27.506 JST [13082] FATAL:  could not load server
certificate file "server-cn-only.crt": ee key too small
2018-09-17 22:00:27.506 JST [13082] LOG:  database system is shut down
2018-09-17 22:00:27.720 JST [13084] FATAL:  could not load server
certificate file "server-cn-only.crt": ee key too small

Wouldn't it be better to rework the rules used to generate the different
certificates and reissue them in the tree?  It seems to me that this is
just waiting to fail in other platforms as well..

Thanks,
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Chris Travers
Date: 17 September 2018, 19:05:08
Subject: Re: [PATCH] Fix for infinite signal loop in parallel scan

From: Chris Travers
Date: 17 September 2018, 19:15:11
Subject: Re: [PATCH] Fix for infinite signal loop in parallel scan

SSL tests failing with "ee key too small" error on Debian SID - Mailing list pgsql-hackers

Attachment

Previous

Next