Problem Description
When Aerospike and the OS have been upgraded on a node, the server fails at start up with
error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small
even though the same certificate worked with the previous version of Aerospike on the older OS.
Explanation
This is an SSL error message. The reason the error is shown is because as of openSSL 1.1.0k, 1024 bit certificates were no longer considered secure and will therefore be rejected.
Solution
To resolve this error, 2048 bit certificates must be generated for use with Aerospike. The openSSL version used is dependant on the OS rather than the Aerospike version and as such this change in behaviour is resultant from the OS upgrade.
Notes
Applies To Earliest Version
Pre 4.9
Applies To Latest Version
Current Version
