You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There have been some security fixes in Node 17 which renders some OpenSSL certificates insecure. So far I've identified two problems that we can run into:
building Admin UI fails with this error: Error: error:0308010C:digital envelope routines::unsupported
starting Backend with ActiveDirectory active and providing an LDAPS server puls the necessary certificates can require renewed certificates (as OpenSSL 3.0 has tightened the requirements)
This looks as two separate problems. The first one will probably be fixed by bumping some dependencies in Admin. The other one may require providing new, more secure certificates when using LDAPS.
The text was updated successfully, but these errors were encountered:
The reason for this is that we're still on a very old react-scripts version. We have two options here: upgrade to v5 or add a legacy flag. As this Admin is already a legacy product and we're working on its successor, I won't put any effort into upgrading it this late. So a fix with legacy flag is coming up.
Certificates too weak
This must be fixed server-side: you (or someone who provided you with the certs) must use a stronger encryption algorithm. That'll fix the issue.
There have been some security fixes in Node 17 which renders some OpenSSL certificates insecure. So far I've identified two problems that we can run into:
Error: error:0308010C:digital envelope routines::unsupported
This looks as two separate problems. The first one will probably be fixed by bumping some dependencies in Admin. The other one may require providing new, more secure certificates when using LDAPS.
The text was updated successfully, but these errors were encountered: