Seeing "SSL_CTX_use_certificate:ee key too small" error after upgrading to RHEL 8

Solution Unverified - Updated -

Issue

  • Why does httpd fail to start with "SSL Library Error: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small"? /var/log/httpd/ssl_error_log sample:

    AH02562: Failed to configure certificate www1.example.com:443:0 (with chain), check /etc/pki/tls/certs/server.crt
    SSL Library Error: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small
    
  • NGINX fails to start with "key too small" error:

    [emerg] SSL_CTX_use_certificate("/etc/nginx/certs/cert") failed (SSL: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small)
    

Environment

  • Red Hat Enterprise Linux (RHEL)
    • 8.x
  • Red Hat Software Collections (RHSCL)
  • Red Hat JBoss Core Services (JBCS)
  • Apache HTTPD
    • mod_ssl
  • NGINX

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In