SSL Issue: CA Certificate Too Weak


Today I upgraded one of my older servers (from before my decision to switch all new production servers to CentOS) to Fedora 30. After the upgrade, I found that the system would not accept 2048-bit SSL keys. In fact, DNF would even refuse to download the package lists because of this.

Taking the URL from DNF and attempting to fetch the page manually through curl got me "curl: (60) SSL certificate problem: CA certificate key too weak". Normally this would be a one-off configuration issue I’d just fix and move on from, but a few web searches for that error string turned up nothing, so I feel compelled to post here on the off chance someone has the same issue.

After giving up on web searches, I ran a simple find /etc/ -name "*ssl*". This gave me a list of files that could reasonably contain the misconfiguration. In examining these files, I learned that a while back, Fedora centralized its cryptography policies in a single location, namely /etc/crypto-policies. This location is not present in CentOS/RHEL 7; however, as Fedora is a testbed for Red Hat Enterprise Linux, it may exist in RHEL 8.

In any case, what happened to my system was that even though the contents of /etc/crypto-policies/default-config specified that the system should use the DEFAULT profile, the /etc/crypto-policies/back-ends/openssl.config symlink pointed at the FUTURE profile, locking OpenSSL to a higher security level than most websites are able to abide by today.

To fix the issue, run update-crypto-policies --set NEXT or update-crypto-policies --set DEFAULT. This relinks the back-end files and lowers the security policy to a level that allows today’s web servers to negotiate with the host in question.

Incidentally, while the FUTURE preset specifies SECLEVEL=3, even the Federal Information Processing Standards (FIPS) profile specifies SECLEVEL=2, so I feel fairly comfortable in ditching the overly restrictive policy.
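As an added example (not code from the original post), the following POSIX sh helpers check for exactly this mismatch: they compare the profile named in default-config with the profile the OpenSSL back-end symlink actually resolves to, and pull the SECLEVEL out of the linked file. The helper names, the fixture contents and the assumption that the symlink target looks like .../<PROFILE>/openssl.txt (so its parent directory names the profile) are mine, not Fedora's.

```shell
#!/bin/sh
# Added example, not from the original post. Hypothetical helpers that compare
# the policy requested in <root>/default-config with the policy that
# <root>/back-ends/openssl.config is really linked to. Assumption: the link
# target is <something>/<PROFILE>/openssl.txt, so its directory names the profile.

# Profile requested by default-config (comments, whitespace and blank lines ignored).
configured_policy() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1/default-config" | head -n 1
}

# Profile the OpenSSL back-end symlink actually points into.
linked_policy() {
    target=$(readlink "$1/back-ends/openssl.config") || return 1
    basename "$(dirname "$target")"
}

# SECLEVEL carried by the linked OpenSSL back-end file (empty if none is found).
linked_seclevel() {
    sed -n 's/.*@SECLEVEL=\([0-9]\).*/\1/p' "$1/back-ends/openssl.config" | head -n 1
}

# Print both views. Exit status 1 means the back-end disagrees with default-config,
# the situation the post resolves with update-crypto-policies --set.
check_policy() {
    want=$(configured_policy "$1")
    have=$(linked_policy "$1")
    level=$(linked_seclevel "$1")
    printf 'default-config: %s\nopenssl back-end: %s (SECLEVEL=%s)\n' "$want" "$have" "${level:-?}"
    [ "$want" = "$have" ]
}

# Constructed fixture reproducing the mismatch: DEFAULT requested, FUTURE linked.
# The CipherString lines are constructed stand-ins, not Fedora's real back-end files.
make_fixture() {
    mkdir -p "$1/etc/back-ends" "$1/share/DEFAULT" "$1/share/FUTURE"
    echo 'DEFAULT' > "$1/etc/default-config"
    echo 'CipherString = @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK' > "$1/share/DEFAULT/openssl.txt"
    echo 'CipherString = @SECLEVEL=3:kEECDH:kEDH:kPSK' > "$1/share/FUTURE/openssl.txt"
    ln -sfn "$1/share/FUTURE/openssl.txt" "$1/etc/back-ends/openssl.config"
}

# On a live Fedora host: check_policy /etc/crypto-policies
```

A non-zero exit from check_policy on a real host is the cue to run update-crypto-policies --set rather than to edit the symlink by hand.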