I'm building nginx 1.8.0 on linux/64.
I have openssl 1.0.2a built locally, and installed into /usr/local/ssl
which openssl
/usr/local/ssl/bin/openssl
I've configured nginx build with
./configure \
...
--with-cc-opt='... -I/usr/local/ssl/include -I/usr/local/include' \
--with-ld-opt='-L/usr/local/ssl/lib64 -Wl,-rpath,/usr/local/ssl/lib64
-lssl -lcrypto -ldl -lz' \
--with-http_ssl_module \
...
checking after build/install, the intended ssl libs ARE correctly linked
ldd objs/nginx | egrep -i "ssl|crypto"
libssl.so.1.0.0 => /usr/local/ssl/lib64/libssl.so.1.0.0
(0x00007f9cedd2b000)
libcrypto.so.1.0.0 => /usr/local/ssl/lib64/libcrypto.so.1.0.0
(0x00007f9ced8e8000)
But 'nginx -V' references BOTH the system-installed OpenSSL 1.0.1k-fips, and
'my' OpenSSL 1.0.2a
nginx -V
nginx version: nginx/1.8.0
built with OpenSSL 1.0.1k-fips 8 Jan 2015 (running with OpenSSL
1.0.2a 19 Mar 2015)
TLS SNI support enabled
configure arguments: ...
I want to ensure that the system-installed OpenSSL 1.0.1k-fips is completely
UNinvolved.
What needs to change in the build/config to make sure that it's not?
grant
_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx
