OpenSSL Base vs. OpenSSL Port?

Tue, 16 Jun 2009 16:04:53 -0700

I had been running 6.2 with openssl base for quite a while. Then I attempted to implement the dkim-filter port which required using openssl to generate keys. That's when I noticed that openssl is broken on my machine. See this example: 

# openssl genrsa -out rsa.private 1024
Error configuring OpenSSL
28086:error:260AB089:engine routines:ENGINE_ctrl_cmd_string:invalid cmd name:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/engine/eng_ctrl.c:318: 28086:error:0E07406D:configuration file routines:CONF_modules_load:module initialization error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_mod.c:234:module=engines, value=openssl_engines, retcode=-1 


So I thought rebuilding world might fix it and while I was at it, I 
upgraded to 6.4 but still have the same problem.


Next I tried installing openssl from ports.  This openssl seems to work:

# /usr/local/bin/openssl genrsa -out rsa.private 1024
Generating RSA private key, 1024 bit long modulus
..............................................................++++++
..............++++++
e is 65537 (0x10001)


But now I am unclear as to what state my system is in.  What is the 
preferred method for using openssl from ports vs. using openssl base.  I 
don't really care which I use but want to avoid trouble with multiple 
versions of openssl and/or ports compiled against the wrong version.  
I've been Googling all day but can not find a clear guide.



Specifically, what should I have in my /etc/make.conf and what 
portupgrade command should I use to ensure things are build against the 
correct openssl?  I've seen things like OPENSSL_OVERWRITE_BASE=yes, 
NO_OPENSSL=yes, WITH_OPENSSL_PORT=yes, WITH_OPENSSL_BETA=yes, and 
portupgrade -rf openssl but remain confused.


Thanks,

Drew

--
Be a Great Magician!
Visit The Alchemist's Warehouse

http://www.alchemistswarehouse.com

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"






















					Reply via email to