On Wed, Feb 19, 2014 at 11:21 AM, Tom Browder <tom.brow...@gmail.com> wrote: > On Wed, Feb 19, 2014 at 10:53 AM, Dr Stephen Henson > <shen...@opensslfoundation.com> wrote: >> On 19/02/2014 15:08, Tom Browder wrote: >>> I configured httpd-2.4.7 successfully to use mod_ssl: >>> >>> ... >> That could be user error. The path /usr/local/ssl/fips-2.0 is the default >> install location of the FIPS module which isn't a complete version of >> OpenSSL. >> It should point to the location the FIPS capable OpenSSL is installed >> instead. > > Hm, I thought I tried that but I'll recheck and configure with: > > --with-ssl=/usr/local/ssl
Bummer! When I did that, I get this: checking for OpenSSL... checking for user-provided OpenSSL base directory... /usr/local/ssl adding "-I/usr/local/ssl/include" to CPPFLAGS setting MOD_CFLAGS to "-I/usr/local/ssl/include" setting ab_CFLAGS to "-I/usr/local/ssl/include" adding "-L/usr/local/ssl/lib" to LDFLAGS setting MOD_LDFLAGS to "-L/usr/local/ssl/lib" checking for OpenSSL version >= 0.9.7... OK adding "-lssl" to MOD_LDFLAGS adding "-lcrypto" to MOD_LDFLAGS adding "-lrt" to MOD_LDFLAGS adding "-lcrypt" to MOD_LDFLAGS adding "-lpthread" to MOD_LDFLAGS adding "-ldl" to MOD_LDFLAGS setting LIBS to "-lssl -lcrypto -lrt -lcrypt -lpthread -ldl" forcing ab_LDFLAGS to "-L/usr/local/ssl/lib -lssl -lcrypto -lrt -lcrypt -lpthread -ldl" checking openssl/engine.h usability... yes checking openssl/engine.h presence... yes checking for openssl/engine.h... yes checking for SSLeay_version... no checking for SSL_CTX_new... no checking for ENGINE_init... no checking for ENGINE_load_builtin_engines... no configure: WARNING: OpenSSL libraries are unusable yes setting MOD_SSL_LDADD to "-export-symbols-regex ssl_module" checking whether to enable mod_ssl... shared (reallyall) adding "-I$(top_srcdir)/modules/ssl" to INCLUDES So, is that a bad build for using mod_ssl or not? I will try the build now and report back. -Tom
