Package: nsd Version: 4.1.26 Severity: important Dear Maintainer, when upgrading to debian 10, apt fails to upgrade nsd with the following error message:
$ dpkg --configure -a nsd (4.1.26-1) wird eingerichtet ... [....] Restarting Name Server Daemon: nsd[2019-07-13 21:29:55.066] nsd[11523]: notice: nsd starting (NSD 4.1.26) [2019-07-13 21:29:55.073] nsd[11523]: error: Error for server-cert-file: /etc/nsd/nsd_server.pem [2019-07-13 21:29:55.073] nsd[11523]: error: Error in SSL_CTX use_certificate_file crypto error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small [2019-07-13 21:29:55.074] nsd[11523]: error: could not perform remote control setup failed! Removing the old key and manually running nsd-control-setup regenerates the key, but the new key is a 3k key just like the old one. I needed to edit the script to generate a 4k key, otherwise nsd did not start. This is a serious bug, as it renders the DNS server unusable until you edit the control script and manually generate valid keys. (No package information included beside the version 4.1.26, because I am writing from another system) with kind regards, Alex
