PGO/PGBackrest reports "ServiceError: TLS error [1:337260938] dh key too small" when backing up to S3-compatible object storage #3926

@johnswarbrick-napier

When backing up to an S3-compatible object storage service, PGO/PGBackrest reports the error:

ServiceError: TLS error [1:337260938] dh key too small

When I check the certificate exchange using openssl I see:

CONNECTED(00000003)
depth=0 CN = DataService
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = DataService
verify return:1
---
Certificate chain
0 s:/CN=DataService
   i:/CN=DataService
-----BEGIN CERTIFICATE-----
MIIENjCCAx6gAwIBAgIJAMS7a6AfM0xzMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNV
<snip>
9okxGGmD7as1W+9ug/Ibj7wqMnn7nAmPdo5VoOa88pfIdZyI0Fek4V3ltZfdrqnB
6vKodhOqX7vJU83a8lAKTch+KA45pOAskAk=
-----END CERTIFICATE-----
---
Server certificate
subject=/CN=DataService
issuer=/CN=DataService
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 1760 bytes and written 479 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
    Session-ID: AE714B591444A984605AF68EF33203F72035634E39489691C1B0348FD22E4C71
    Session-ID-ctx:
    Master-Key: 6CE09BCA8B664C42419F2924D5AAC2F25BF8F0584F6803226FF5A9A206CAEBCC140F3F63A1CE0AC29595068AAFE10FBB
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1717405517
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)

I assume the S3-compatible object storage is using a key exchange cipher that PGBackrest doesn't support (Server Temp Key: DH, 1024 bits?), but I'm not sure how best to troubleshoot/resolve from this point?

I have TLS certificate verification disabled, but couldn't find any options for key support.

Environment

Please provide the following details:

  • Platform: Kubernetes
  • Platform Version: 1.27.9
  • PGO Image Tag: ubi8-5.5.1-0
  • Postgres Version: centos8-13.6-0
  • PGBackrest Version: ubi8-2.38-2
  • Storage: S3-compatible
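
One way to check `openssl s_client` output like the above for an undersized ephemeral DH key, as an added example that is not part of the original issue or of PGO/pgBackRest code. The helper names are hypothetical, the DH minimums are those documented for OpenSSL security levels, and the client enforcing level 2 is an assumption, since the issue does not state the client's policy.

```python
import re

# Added example; helper names are hypothetical. Minimum finite-field DH size in bits
# per OpenSSL security level (from the SSL_CTX_set_security_level documentation).
DH_MIN_BITS = {1: 1024, 2: 2048, 3: 3072, 4: 7680, 5: 15360}

TEMP_KEY = re.compile(r"^Server Temp Key:\s*([^,\n]+),(?:[^,\n]*,)?\s*(\d+) bits", re.M)
CIPHER = re.compile(r"^\s*Cipher\s*:\s*(\S+)", re.M)
PROTOCOL = re.compile(r"^\s*Protocol\s*:\s*(\S+)", re.M)

def parse_handshake(text):
    """Extract key-exchange type/size, cipher and protocol from s_client output."""
    key = TEMP_KEY.search(text)
    cipher = CIPHER.search(text)
    proto = PROTOCOL.search(text)
    return {
        "kex": key.group(1).strip() if key else None,
        "bits": int(key.group(2)) if key else None,
        "cipher": cipher.group(1) if cipher else None,
        "protocol": proto.group(1) if proto else None,
    }

def max_dh_level(bits):
    """Highest security level whose DH minimum a key of `bits` meets (0 if none)."""
    return max((lvl for lvl, need in DH_MIN_BITS.items() if bits >= need), default=0)

def diagnose(text, client_level=2):
    """Compare the server's DH size with client_level (an assumed client policy)."""
    hs = parse_handshake(text)
    if hs["kex"] is None:
        return "no Server Temp Key line: no ephemeral key exchange seen or handshake failed"
    if hs["kex"] != "DH":
        return f"{hs['kex']} key exchange: finite-field DH size check does not apply"
    need = DH_MIN_BITS[client_level]
    if hs["bits"] < need:
        return (f"REJECT: {hs['bits']}-bit DH via {hs['cipher']} is below the {need}-bit "
                f"minimum of level {client_level} (meets level {max_dh_level(hs['bits'])})")
    return f"OK: {hs['bits']}-bit DH meets level {client_level}"

# Constructed sample: the relevant lines of the s_client output quoted in the issue.
SAMPLE = """\
Server Temp Key: DH, 1024 bits
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
"""

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```
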
