pgsql: Update ssl test certificates and keys - Mailing list pgsql-committers

From Peter Eisentraut
Subject pgsql: Update ssl test certificates and keys
Date
Msg-id E1gf45a-0001i2-Ro@gemulon.postgresql.org
List pgsql-committers
Update ssl test certificates and keys

Debian testing and newer now require that RSA and DHE keys are at
least 2048 bits long and no longer allow SHA-1 for signatures in
certificates.  This is currently causing the ssl tests to fail there
because the test certificates and keys have been created in violation
of those conditions.

Update the parameters to create the test files and create a new set of
test files.

Author: Kyotaro HORIGUCHI <horiguchi.kyotaro@lab.ntt.co.jp>
Reported-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://www.postgresql.org/message-id/flat/20180917131340.GE31460%40paquier.xyz

Branch
------
REL9_6_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/ba26b3172f037b3afa863aaa4db67aa2bcba81db

Modified Files
--------------
src/test/ssl/Makefile                          |  2 +-
src/test/ssl/cas.config                        |  6 +-
src/test/ssl/ssl/both-cas-1.crt                | 77 ++++++++++++++++----------
src/test/ssl/ssl/both-cas-2.crt                | 77 ++++++++++++++++----------
src/test/ssl/ssl/client+client_ca.crt          | 47 ++++++++++------
src/test/ssl/ssl/client-revoked.crt            | 23 +++++---
src/test/ssl/ssl/client-revoked.key            | 38 ++++++++-----
src/test/ssl/ssl/client.crl                    | 16 +++---
src/test/ssl/ssl/client.crt                    | 23 +++++---
src/test/ssl/ssl/client.key                    | 38 ++++++++-----
src/test/ssl/ssl/client_ca.crt                 | 24 +++++---
src/test/ssl/ssl/client_ca.key                 | 38 ++++++++-----
src/test/ssl/ssl/root+client.crl               | 31 ++++++-----
src/test/ssl/ssl/root+client_ca.crt            | 53 +++++++++++-------
src/test/ssl/ssl/root+server.crl               | 31 ++++++-----
src/test/ssl/ssl/root+server_ca.crt            | 53 +++++++++++-------
src/test/ssl/ssl/root.crl                      | 15 +++--
src/test/ssl/ssl/root_ca.crt                   | 29 ++++++----
src/test/ssl/ssl/root_ca.key                   | 38 ++++++++-----
src/test/ssl/ssl/server-cn-and-alt-names.crt   | 27 +++++----
src/test/ssl/ssl/server-cn-and-alt-names.key   | 38 ++++++++-----
src/test/ssl/ssl/server-cn-only.crt            | 27 +++++----
src/test/ssl/ssl/server-cn-only.key            | 38 ++++++++-----
src/test/ssl/ssl/server-multiple-alt-names.crt | 29 ++++++----
src/test/ssl/ssl/server-multiple-alt-names.key | 38 ++++++++-----
src/test/ssl/ssl/server-no-names.crt           | 26 +++++----
src/test/ssl/ssl/server-no-names.key           | 38 ++++++++-----
src/test/ssl/ssl/server-revoked.crt            | 27 +++++----
src/test/ssl/ssl/server-revoked.key            | 38 ++++++++-----
src/test/ssl/ssl/server-single-alt-name.crt    | 26 +++++----
src/test/ssl/ssl/server-single-alt-name.key    | 38 ++++++++-----
src/test/ssl/ssl/server-ss.crt                 | 28 ++++++----
src/test/ssl/ssl/server-ss.key                 | 38 ++++++++-----
src/test/ssl/ssl/server.crl                    | 16 +++---
src/test/ssl/ssl/server_ca.crt                 | 24 +++++---
src/test/ssl/ssl/server_ca.key                 | 38 ++++++++-----
36 files changed, 743 insertions(+), 450 deletions(-)
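
An added example (not part of the commit or the PostgreSQL tree): a POSIX shell check for the two certificate conditions the commit message names, RSA keys shorter than 2048 bits and SHA-1 signatures. It assumes the `openssl` CLI for real files; the function names and the sample text are constructed for illustration, and it does not cover DHE parameters, CRLs, or certificates after the first in a bundle file.

```shell
#!/bin/sh
# Added example: flag certificates that break the two conditions named in the
# commit message (RSA key shorter than 2048 bits, SHA-1 signature).
MIN_RSA_BITS=2048

# audit_cert_text NAME
# Reads `openssl x509 -noout -text` output on stdin, prints one line per
# violation, and returns 0 if both conditions hold, 1 otherwise.
audit_cert_text() {
    awk -v name="$1" -v min="$MIN_RSA_BITS" '
        # The first "Signature Algorithm:" line names the issuer signature.
        /Signature Algorithm:/ && sig == "" { sig = $NF }
        /Public Key Algorithm:/ && alg == "" { alg = $NF }
        # "Public-Key: (1024 bit)"; OpenSSL 1.1.1 prints "RSA Public-Key:".
        /Public-Key: \(/ && bits == "" {
            bits = $0
            sub(/.*\(/, "", bits)
            sub(/ bit.*/, "", bits)
        }
        END {
            if (sig == "") { print name ": no certificate parsed"; exit 1 }
            bad = 0
            if (tolower(sig) ~ /sha1/) {
                print name ": SHA-1 signature (" sig ")"; bad = 1
            }
            if (alg == "rsaEncryption" && bits + 0 < min) {
                print name ": RSA key is " bits " bits, need " min; bad = 1
            }
            exit bad
        }'
}

# audit_certs FILE...  (needs the openssl CLI; reads the first cert per file)
audit_certs() {
    rc=0
    for f in "$@"; do
        openssl x509 -in "$f" -noout -text | audit_cert_text "$f" || rc=1
    done
    return "$rc"
}

# Constructed excerpt of the text output: sample_text SIG_ALG KEY_BITS
sample_text() {
    printf 'Signature Algorithm: %s\nPublic Key Algorithm: rsaEncryption\n' "$1"
    printf 'RSA Public-Key: (%s bit)\n' "$2"
}

if [ "$#" -gt 0 ]; then audit_certs "$@"; fi
```

Run it with certificate paths as arguments, for example the `.crt` files under `src/test/ssl/ssl/`; a non-zero exit status means at least one file was flagged.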

