| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, hlinnaka(at)iki(dot)fi |
| Subject: | Re: SSL tests failing with "ee key too small" error on Debian SID |
| Date: | 2018-09-25 05:26:42 |
| Message-ID: | 20180925052642.GJ1354@paquier.xyz |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Sep 25, 2018 at 12:48:57PM +0900, Kyotaro HORIGUCHI wrote:
> Do you mean that cert/key files are generated on-the-fly while
> running 'make check'? It sounds reasonable as long as just
> replaceing existing files with those with longer (2048bits?) keys
> doesn't work for all supported platforms.
The files are present by default in the tree, but can be regenerated
easily by using the makefile rule "sslfiles". From what I can see, this
is caused by OpenSSL 1.1.1 which Debian SID has visibly upgraded to
recently. That's the version I have on my system. I have not dug much
into the Makefile to see if things could get done right and change the
openssl commands though..
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Wood | 2018-09-25 05:30:40 | GetSnapshotData round two(for me) |
| Previous Message | Michael Paquier | 2018-09-25 05:09:04 | Re: New function pg_stat_statements_reset_query() to reset statistics of a specific query |