Resolving openSSL 3 upgrade issues

Starting with v23, the Tines image now ships with OpenSSL v3. As part of OpenSSL v3, the client (Tines image) may try to negotiate the TLS request and fail due to incorrect SHA or signing issues. Below are remediations for when you encounter such issues:

DH Key Too Small

This issue can occur if the client (Tines image) tries to negotiate the TLS request from your HTTP Action and requires that RSA and DHE keys be at least 2048 bits long. If the server does not present keys of the correct length, the action run will fail with the error dh key too small

In such a case, we recommend you upgrade the server to support the latest encryption and signing methods. However, as a temporary remediation, you can add the following environment variable to your runtime environment to mitigate the issue.

OVERRIDE_OPENSSL_SECLEVEL="DEFAULT:@SECLEVEL=0"

Get to know Tines

Meet the product

Features and capabilities

Cases

AI in Tines

Build apps

What’s new?

Solutions

By product

By team

Tines for

Partners

Federal

MSSPs

Learn

Library

University

Tines Explained ^↗

Discover

Blog

Case studies

Company

About

Careers

Stay in touch

Contact

Slack Community ^↗

Newsroom

Product