https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7807
Bug ID: 7807
Summary: t/spamd_ssl.t fails due to small key size
Product: Spamassassin
Version: 3.4.4
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Regression Tests
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: Undefined
On RHEL/Centos 8, due to its default crypto policy, the 'tests t/spamd_ssl.t'
and 't/spamd_ssl_accept_fail.t' fail, because the key in the certificate
(t/data/etc/testhost.cert, t/data/etc/testhost.key) is too small.
I've confirmed this with a small sample program that loads the certificate. The
program fails with the following error:
140561996314432:error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too
small:ssl/ssl_rsa.c:310
If I generate my own key/certificate using e.g. the following, the tests pass.
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout testhost.key
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout
testhost.key -out testhost.cert
Can you please generate a new test key/certificate that is larger and add it to
the repository?
Thanks!
--
You are receiving this mail because:
You are the assignee for the bug.
