Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
SSL key too small, project doesn't start
See original GitHub issuenpm start fails with below:
A critical error occured, forcing Bankai to abort:
Error: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small
at Object.createSecureContext (_tls_common.js:135:17)
at new Server (_tls_wrap.js:873:27)
at new Http2SecureServer (internal/http2/core.js:2839:5)
at createSecureServer (internal/http2/core.js:2963:10)
at /home/dev/baby-math/node_modules/bankai/lib/http-server.js:61:29
at process._tickCallback (internal/process/next_tick.js:68:7)
Workaround:
Changing a line in /etc/ssl/openssl.cnf
from:
CipherString = DEFAULT@SECLEVEL=2
to
CipherString = DEFAULT@SECLEVEL=1
but it is probably better to just create a longer ssl key.
Versions: npm 6.11.3 node v10.16.3 debian buster openSSL 1.0.2g 1 Mar 2016
Issue Analytics
- State:
- Created 4 years ago
- Reactions:3
- Comments:6 (1 by maintainers)
Top Results From Across the Web
SSL Key too small error on startup - Aerospike Support
This is an SSL error message. The reason the error is shown is because as of openSSL 1.1.0k, 1024 bit certificates were no...
Read more >rails thin server cannot start - certificate too small
Server starts fine but when I go to it I get: 140107127297856:error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small:../ssl/ ...
Read more >1882939 – dovecot fails to start with "key too small" - mkcert ...
The fix for this bug is to create secure certificate - not to support insecure certificates. It is a different problem if you...
Read more >SSL_CTX_use_certificate:ee key too small - Delphi-PRAXiS [en]
I tried to run demo project OverbyteIcsSimpleSslServer with ... you need an SSL/TLS certificate for the ICS SSL server or it will not...
Read more >[SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:1108 ...
However, in many cases, this will not be possible. ... I was able to get my project to work after I lowered the...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Waiting on this: https://github.com/jfromaniello/selfsigned/pull/35
Actually I just noticed
selfsignedhardcodes one side of the cert to be1024. I am making a PR to that project to respect keySize for both keys, which we should wait for before considering this fixed.