By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Debian buster : EE certificate key too weak

0

Hello,
I tested yesterday the Debian Buster 10 with a connection to DocumentDB with pymongo (python3).

I got an error with openssl that failled any connection to DocumentDB :

pymongo.errors.ServerSelectionTimeoutError: docdb-XXXXXXXX.eu-west-1.docdb.amazonaws.com:27017: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: EE certificate key too weak (_ssl.c:1076)

openssl version 1.1.1

Do you know if the certificate will be updated or if it requires to configure openssl to not get this exception?

Regards

Topics
Database
Tags
Amazon DocumentDB
Language
English
charlesanssens
asked 5 years ago1061 views
1 Answer
0

We are in the process of upgrading our root certificate. In the meantime, depending on your requirements, an additional option is to modify (/etc/ssl/openssl.cnf) from “CipherString = DEFAULT@SECLEVEL=2” to “CipherString = DEFAULT@SECLEVEL=1”

AWS
AWS-User-2073714
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content