Home > mailing lists

Re: SSL tests failing with "ee key too small" error on Debian SID - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: SSL tests failing with "ee key too small" error on Debian SID
Date	November 27, 2018 17:37:17
Msg-id	32191.1543329437@sss.pgh.pa.us Whole thread Raw
In response to	Re: SSL tests failing with "ee key too small" error on Debian SID (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
Responses	Re: SSL tests failing with "ee key too small" error on Debian SID (Michael Paquier <michael@paquier.xyz>)
List	pgsql-hackers

Tree view

Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes:
> On 01/10/2018 14:18, Kyotaro HORIGUCHI wrote:
>> The attached second patch just changes key size to 2048 bits and
>> "ee key too small" are eliminated in 001_ssltests_master, but
>> instead I got "ca md too weak" error. This is eliminated by using
>> sha256 instead of sha1 in cas.config. (third attached)

> I have applied these configuration changes and created a new set of test
> files with them.

Buildfarm critters aren't going to be happy unless you back-patch that.

            regards, tom lane

pgsql-hackers by date:

From: Peter Eisentraut
Date: 27 November 2018, 17:36:59
Subject: Re: Continue work on changes to recovery.conf API

From: Stephen Frost
Date: 27 November 2018, 17:39:23
Subject: Re: pgsql: Integrate recovery.conf into postgresql.conf

Re: SSL tests failing with "ee key too small" error on Debian SID - Mailing list pgsql-hackers

Previous

Next