On Tue, Nov 27, 2018 at 02:21:39PM +0000, Peter Eisentraut wrote: > Update ssl test certificates and keys > > Debian testing and newer now require that RSA and DHE keys are at > least 2048 bit long and no longer allow SHA-1 for signatures in > certificates. This is currently causing the ssl tests to fail there > because the test certificates and keys have been created in violation > of those conditions. > > Update the parameters to create the test files and create a new set of > test files.
Peter, would it make sense to back-patch this commit down to where the SSL tests have been introduced? If /etc/ssl/ is not correctly configured, this results in failures across branches on Debian if the default is used. -- Michael
signature.asc
Description: PGP signature