Hi, I'm working on deploying OpenCA on a Debian system, and I'm really impressed with it so far. I am, however, running into a stumbling block, the dependency on OpenSSL 0.9.7 (still unreleased). Many Debian packages are compiled against the libssl and libcrypto from 0.9.6, and by having 0.9.7-beta3 in place I keep finding I have to recompile key programs (eg. ssh and apache's mod-ssl), making it difficult to use this system in a production environment; security updates on this machine are likely to be too time consuming with all the hand compiled software.
Meanwhile, the only 0.9.7 dependency I could find mentioned on the lists is a requirement for the -pubkey interface on the openssl command line utility. My question is this, can I safely get away with giving OpenCA a statically linked openssl 0.9.7, and leave the Debian 0.9.6 packages in place? If none of the code directly uses new features of libssl or libcrypto I would think that should be safe, and it would make it much easier for me to use this software. Thank you very much in advance for any insight you can throw on this. Sincerely -David Zoll (Gleef), Programmer/Analyst NYS Credit Union League ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
