On Thu, Sep 21, 2017 at 11:16:33PM +0200, Sebastian Andrzej Siewior wrote: > On 2017-09-21 12:03:19 [-0700], Josh Triplett wrote: > > Attempting to use "openssl s_client -ct" produces this error: > > > > 139776622486784:error:02001002:system library:fopen:No such file or > > directory:../crypto/bio/bss_file.c:74:fopen('/usr/lib/ssl/ct_log_list.cnf','rb') > > 139776622486784:error:2006D080:BIO routines:BIO_new_file:no such > > file:../crypto/bio/bss_file.c:81: > > 139776622486784:error:0E078072:configuration file routines:def_load:no such > > file:../crypto/conf/conf_def.c:150: > > 139776622486784:error:3207B06D:CT routines:CTLOG_STORE_load_file:log conf > > invalid:../crypto/ct/ct_log.c:207: > > > > Please ship an appropriate /usr/lib/ssl/ct_log_list.cnf . > > I have no idea what to do. So current 1.1.0f has a ct_log_list.cnf which > has some entries and we could ship. However master has now an empty file > since > > https://github.com/openssl/openssl/commit/c7af65c7b28db13d39bb24f44730bf0293355e94 > so I *think* you would need to edit that file anyway (not now but in a > further release). So as user you would probably want to use > -ctlogfile infile > instead. > Any ideas?
I would suggest shipping the file that results from following the comments there, and keeping it up to date.