Re: [Openca-Users] OpenSSL 0.9.7 dependency

Wed, 30 Oct 2002 08:39:07 -0800 

David L. Zoll wrote:

Hi, I'm working on deploying OpenCA on a Debian system, and I'm really
impressed with it so far.  I am, however, running into a stumbling
block, the dependency on OpenSSL 0.9.7 (still unreleased).  Many
Debian packages are compiled against the libssl and libcrypto from
0.9.6, and by having 0.9.7-beta3 in place I keep finding I have to
recompile key programs (eg. ssh and apache's mod-ssl), making it
difficult to use this system in a production environment; security
updates on this machine are likely to be too time consuming with all
the hand compiled software.
Ooops, this is not necessary. If Debian installed it's OpenSSL 0.9.6 in /usr/local/ssl (OpenSSL's default place) then simply install OpenSSL 0.9.7 in /usr/local/ssl-0.9.7 and set openssl-prefix during OpenCA's ./configure to /usr/local/ssl-0.9.7.

Meanwhile, the only 0.9.7 dependency I could find mentioned on the
lists is a requirement for the -pubkey interface on the openssl
command line utility.
No, there are some other issues. We use more then only this special new option. Also we compile some code which uses OpenSSL 0.9.7.

My question is this, can I safely get away with giving OpenCA a
statically linked openssl 0.9.7, and leave the Debian 0.9.6 packages
in place? If none of the code directly uses new features of libssl or
libcrypto I would think that should be safe, and it would make it much
easier for me to use this software.
This is not possible because we compile some programs which need OpenSSL 0.9.7 but you can install OpenSSL 0.9.7 in a special directory like described above without damaging your other software.

Best regards

Michael

P.S. I run an old SuSE with 0.9.6 and 0.9.7 like the most other users too.
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users

Reply via email to