вт, 5 июл. 2022 г. в 11:56, William Lallemand <wlallem...@haproxy.com>:
> On Tue, Jul 05, 2022 at 11:15:25AM +0500, Илья Шипицин wrote: > > I tried to run on Ubuntu 22.04, it is shipped with OpenSSL-3.0 and > > SECLEVEL=2 by default (probably it is correct for RedHat 9 as well ?) > > > > test · chipitsine/haproxy@1d69992 (github.com) > > < > https://github.com/chipitsine/haproxy/runs/7163834085?check_suite_focus=true#step:16:602 > > > > > > ssl - What could cause "dh key too small" error? - Stack Overflow > > < > https://stackoverflow.com/questions/61626206/what-could-cause-dh-key-too-small-error > > > > > > if nobody minds, I'll add SECLEVEL=2 to CI. > > shall we run *only* SECLEVEL=2 or shall we expand build matrix ? > > > > That's not a good idea, this is supposed to be the default in a lot of > distribution and this could hide a lot of problems. HAProxy must works > with this default settings, the failing reg-test must be fixed instead. > I mean "what to do after reg-test fix" (no question on that). in order to prevent regression... > > -- > William Lallemand >