Recent versions of openssl will refuse to work with 1024-bit RSA keys, as they are considered insecure. I didn't track down the exact version in which the defaults were tightened, but the Debian-package openssl 3.0 on my system yields: $ LIB_HTTPD_SSL=1 ./t5551-http-fetch-smart.sh -v -i [...] SSL Library Error: error:0A00018F:SSL routines::ee key too small 1..0 # SKIP web server setup failed This could probably be overcome with configuration, but that's likely to be a headache (especially if it requires touching /etc/openssl). Let's just pick a key size that's less outrageously out of date. Signed-off-by: Jeff King <peff@xxxxxxxx> --- t/lib-httpd/ssl.cnf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/lib-httpd/ssl.cnf b/t/lib-httpd/ssl.cnf index 6dab2579cb..812e8253f0 100644 --- a/t/lib-httpd/ssl.cnf +++ b/t/lib-httpd/ssl.cnf @@ -1,7 +1,7 @@ RANDFILE = $ENV::RANDFILE_PATH [ req ] -default_bits = 1024 +default_bits = 2048 distinguished_name = req_distinguished_name prompt = no [ req_distinguished_name ] -- 2.39.1.767.gb4615b3bd3
