Re: Problem related to self signed certificate peer verification
[EMAIL PROTECTED] wrote: Sir, How do I check to see what version of Open SSL that I have on my system? I am trying to answer the attached vulnerability. If you have the executable for the superapp then use: openssl version -a If you don't then you can strings path-to-library | grep ' part of ' and look at the strings generated e.g. for an old Ubuntu build ldd /usr/bin/openssl (to figure out the path to the library) strings /usr/lib/i686/cmov/libssl.so.0.9.8 | grep ' part of ' SSLv2 part of OpenSSL 0.9.8c 05 Sep 2006 SSLv3 part of OpenSSL 0.9.8c 05 Sep 2006 TLSv1 part of OpenSSL 0.9.8c 05 Sep 2006 DTLSv1 part of OpenSSL 0.9.8c 05 Sep 2006 If you have code: Look in crypto/opensslv.h (or whereever you place placed the include file during installation) and see OPENSSL_VERSION_NUMBER grep OPENSSL_VERSION_ /usr/include/openssl/opensslv.h Tim. PGP.sig Description: PGP signature
upgrade openssl, do I need to recompile apache
I have a Solaris 8 server. I just upgraded openssl (0.9.7m to 0.9.8.h) and prior notes indicated that an apachectl -k graceful took care of reloading the new ssl. After restarting (either graceful or stop/start), the error log shows the old version still loading and the server-status shows the same. [Tue Oct 21 17:21:40 2008] [notice] Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7m configured -- resuming normal operations My config.log for http show ./configure --disable-ipv6 --enable-info --enable-status --enable-ssl --with -ssl=/usr/local/ssl --disable-negotiation --disable-userdir --disable-autoindex --disable-imap --enable-expires Any suggestions please? -- View this message in context: http://www.nabble.com/upgrade-openssl%2C-do-I-need-to-recompile-apache-tp20099833p20099833.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: upgrade openssl, do I need to recompile apache
Yes, you need to recompile mod_ssl of Apache when openssl is upgraded. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of csross Sent: Wednesday, October 22, 2008 3:02 AM To: openssl-users@openssl.org Subject: upgrade openssl, do I need to recompile apache I have a Solaris 8 server. I just upgraded openssl (0.9.7m to 0.9.8.h) and prior notes indicated that an apachectl -k graceful took care of reloading the new ssl. After restarting (either graceful or stop/start), the error log shows the old version still loading and the server-status shows the same. [Tue Oct 21 17:21:40 2008] [notice] Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7m configured -- resuming normal operations My config.log for http show ./configure --disable-ipv6 --enable-info --enable-status --enable-ssl --with -ssl=/usr/local/ssl --disable-negotiation --disable-userdir --disable-autoindex --disable-imap --enable-expires Any suggestions please? -- View this message in context: http://www.nabble.com/upgrade-openssl%2C-do-I-need-to-recompile-apache-tp200 99833p20099833.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Problem related to Peer Certificate verification....
Hi all, Actually we have one CA certificate is provided by service server (That is root certificate in .pem format and .crt format). I used that certicate to verify the peer. I got unknown CA. I saw that certificate was coming from service server having thawte CA and having issuer and subject information related to thawte and we have CA root certificate having service server as CA and information related to service server. So please let me know how to verify the peer certificate. And to solve this issue. Thank you. Regards, --Ajeet Kumar Singh image001.jpg
What would cause a seg fault?
Hi All, I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base. Previously, this shared object linked to the libssl.a (openssl 9.8h) provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, it seg faults in a call to the function SSL_CTX_ctrl(). Code Dump Segmentation fault in SSL_CTX_ctrl at 0xd1f6bb80 ($t1) 0xd1f6bb80 (SSL_CTX_ctrl+0xfc) 900300a4 stw r0,0xa4(r3) (dbx) where SSL_CTX_ctrl() at 0xd1f6bb80 XS_Crypt__SSLeay__CTX_new() at 0xd1f64318 Perl_pp_entersub() at 0xd31100d8 Perl_runops_standard() at 0xd3163ad4 S_call_body() at 0xd3075950 Perl_call_sv() at 0xd3079dac S_call_list_body() at 0xd30758bc Perl_call_list() at 0xd307c4f0 Perl_newATTRSUB() at 0xd30d3318 Perl_utilize() at 0xd30d3af8 Perl_yyparse() at 0xd310a494 S_parse_body() at 0xd30765e0 perl_parse() at 0xd307ccc0 main() at 0x1460 Here is the full ld command, ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto Also, here is the output of 'dump -Tv SSLeay.so' for the symbol in the stack trace: ***Loader Symbol Table Information*** [Index] Value Scn IMEX Sclass Type IMPid Name [71]0xundef IMP DS EXTref libssl.a(libssl.so.0.9.8) SSL_CTX_ctrl Is this beacuse i have to specify the header file also when i am doing linking. Can u please help me Thanks Joshi Chandran -- View this message in context: http://www.nabble.com/What-would-cause-a-seg-fault--tp20108404p20108404.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: What would cause a seg fault?
I have used openssl 9.8h version There is mistake in previous mail I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base(openssl 9.8h). Previously, this shared object linked to the libssl.a provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, Rest are same . Please help Thanks Joshi On Wed, Oct 22, 2008 at 4:29 PM, joshi chandra [EMAIL PROTECTED]wrote: Hi All, I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base. Previously, this shared object linked to the libssl.a (openssl 9.8h) provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, it seg faults in a call to the function SSL_CTX_ctrl(). Code Dump Segmentation fault in SSL_CTX_ctrl at 0xd1f6bb80 ($t1) 0xd1f6bb80 (SSL_CTX_ctrl+0xfc) 900300a4 stw r0,0xa4(r3) (dbx) where SSL_CTX_ctrl() at 0xd1f6bb80 XS_Crypt__SSLeay__CTX_new() at 0xd1f64318 Perl_pp_entersub() at 0xd31100d8 Perl_runops_standard() at 0xd3163ad4 S_call_body() at 0xd3075950 Perl_call_sv() at 0xd3079dac S_call_list_body() at 0xd30758bc Perl_call_list() at 0xd307c4f0 Perl_newATTRSUB() at 0xd30d3318 Perl_utilize() at 0xd30d3af8 Perl_yyparse() at 0xd310a494 S_parse_body() at 0xd30765e0 perl_parse() at 0xd307ccc0 main() at 0x1460 Here is the full ld command, ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto Also, here is the output of 'dump -Tv SSLeay.so' for the symbol in the stack trace: ***Loader Symbol Table Information*** [Index] Value Scn IMEX Sclass Type IMPid Name [71]0xundef IMP DS EXTref libssl.a(libssl.so.0.9.8) SSL_CTX_ctrl Is this beacuse i have to specify the header file also when i am doing linking. Can u please help me Thanks Joshi Chandran -- View this message in context: http://www.nabble.com/What-would-cause-a-seg-fault--tp20108404p20108404.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- Regards Joshi Chandran
OpenSSL verification problem
Hi, I created a Certificate Authority with using openssl and CA.pl. I can sign a file with the following openssl command without any problem. # openssl smime -sign -in hello.txt -out hello.sign -outform pem -inkey demoCA/private/cakey.pem -signer demoCA/cacert.pem But I can't verify the signed file with the following code. And after running this command I receive the following error message. How can I solve this problem. # openssl smime -verify -inform PEM -in hello.sign -content hello.txt -CAfile demoCA/cacert.pem Verification failure 1893:error:21071065:PKCS7 routines:PKCS7_signatureVerify:digest failure:pk7_doit.c:948: 1893:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:pk7_smime.c:312: Sincerelly, Kadir. -- View this message in context: http://www.nabble.com/OpenSSL-verification-problem-tp20111876p20111876.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Execution of openssl commands
Hi, I tried executing the following open ssl command on the console for Generating Certificate Signing Requests When generating the certificate signing request (on the target device) I got the error: unable to write 'random state'. The same worked on the host linux m/c /usr/local/apac/RW/bin $ openssl x509 -req -days 30 -in host.csr -signkey host.k ey -out host.cert Signature ok subject=/C=IN/ST=KRN/L=Bnaglore/O=Honeywell/OU=ACSHBS/CN=Husaain/emailAd dress=mu [EMAIL PROTECTED] Getting Private key unable to write 'random state' Could you please comment on what possible causes for the problem Regards, Hussain
RE: upgrade openssl, do I need to recompile apache
Thank you. Do I go into the apache source (httpd-2.2.8/modules/ssl) and just recompile in this directory or recompile the entire thing (apache)? I'm not loading ssl dynamically in apache. Thank you very much. Prathima Dandapani -X (pdandapa - HCL at Cisco) wrote: Yes, you need to recompile mod_ssl of Apache when openssl is upgraded. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of csross Sent: Wednesday, October 22, 2008 3:02 AM To: openssl-users@openssl.org Subject: upgrade openssl, do I need to recompile apache I have a Solaris 8 server. I just upgraded openssl (0.9.7m to 0.9.8.h) and prior notes indicated that an apachectl -k graceful took care of reloading the new ssl. After restarting (either graceful or stop/start), the error log shows the old version still loading and the server-status shows the same. [Tue Oct 21 17:21:40 2008] [notice] Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7m configured -- resuming normal operations My config.log for http show ./configure --disable-ipv6 --enable-info --enable-status --enable-ssl --with -ssl=/usr/local/ssl --disable-negotiation --disable-userdir --disable-autoindex --disable-imap --enable-expires Any suggestions please? -- View this message in context: http://www.nabble.com/upgrade-openssl%2C-do-I-need-to-recompile-apache-tp200 99833p20099833.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/upgrade-openssl%2C-do-I-need-to-recompile-apache-tp20099833p20111935.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
OpenSSL - WinCE support
Hi, Please let me know, which version of OpenSSL has support for WinCe. When I tried to build version openssl-0.9.8i for WinCe, I came across different issue like, header files not found. I manage to copy the required files from C:\Program Files\Microsoft Visual Studio 8\SmartDevices\SDK\Smartphone2003\Include. Now I'm getting clarm.exe /Fotmp32_ARMV4\cryptlib.obj -Iinc32 -Itmp32_ARMV4 /MC /O1i /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -IC:\wcecompat/include -DOPENSSL_SMALL_FOOTPRINT -D_WIN32_WCE=400 -DUNDER_CE=400 -DWCE_PLATFORM_STANDARDSDK -DARM -D_ARM_ -DARMV4 /Fdout32_ARMV4 -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_TLSEXT -DOPENSSL_NO_CMS -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -c ..\crypto\cryptlib.c cryptlib.c f:\openssl wince\openssl-0.9.8i\openssl-0.9.8i\crypto\cryptlib.c(755) : error C2220: warning treated as error - no object file generated f:\openssl wince\openssl-0.9.8i\openssl-0.9.8i\crypto\cryptlib.c(755) : warningC4013: 'abort' undefined; assuming extern returning int NMAKE : fatal error U1077: 'clarm.exe' : return code '0x2' Stop. Please help me in sorting out this problem. Thanks Palani DISCLAIMER: --- The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. It shall not attach any liability on the originator or HCL or its affiliates. Any views or opinions presented in this email are solely those of the author and may not necessarily reflect the opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of the author of this e-mail is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any mail and attachments please check them for viruses and defect. ---
Re: What would cause a seg fault?
This is how i am compiling # cc_r -c -I/usr/include/openssl -D_ALL_SOURCE -D_ANSI_C_SOURCE -D_POSIX_SOURCE -qmaxmem=16384 -qnoansialias -DUSE_NATIVE_DLOPEN -DNEED_PTHREAD_INIT -q32 -D_LARGE_FILES -qlonglong -O-DVERSION=\0.51\ -DXS_VERSION=\0.51\ -I/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE SSLeay.c # chmod 644 SSLeay.bs # rm -f blib/arch/auto/Crypt/SSLeay/SSLeay.so # LD_RUN_PATH= ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto # chmod 755 blib/arch/auto/Crypt/SSLeay/SSLeay.so # cp SSLeay.bs blib/arch/auto/Crypt/SSLeay/SSLeay.bs # chmod 644 blib/arch/auto/Crypt/SSLeay/SSLeay.bs Please Help ,it is urgent Thanks Joshi On Wed, Oct 22, 2008 at 4:35 PM, joshi chandran [EMAIL PROTECTED]wrote: I have used openssl 9.8h version There is mistake in previous mail I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base(openssl 9.8h). Previously, this shared object linked to the libssl.a provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, Rest are same . Please help Thanks Joshi On Wed, Oct 22, 2008 at 4:29 PM, joshi chandra [EMAIL PROTECTED] wrote: Hi All, I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base. Previously, this shared object linked to the libssl.a (openssl 9.8h) provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, it seg faults in a call to the function SSL_CTX_ctrl(). Code Dump Segmentation fault in SSL_CTX_ctrl at 0xd1f6bb80 ($t1) 0xd1f6bb80 (SSL_CTX_ctrl+0xfc) 900300a4 stw r0,0xa4(r3) (dbx) where SSL_CTX_ctrl() at 0xd1f6bb80 XS_Crypt__SSLeay__CTX_new() at 0xd1f64318 Perl_pp_entersub() at 0xd31100d8 Perl_runops_standard() at 0xd3163ad4 S_call_body() at 0xd3075950 Perl_call_sv() at 0xd3079dac S_call_list_body() at 0xd30758bc Perl_call_list() at 0xd307c4f0 Perl_newATTRSUB() at 0xd30d3318 Perl_utilize() at 0xd30d3af8 Perl_yyparse() at 0xd310a494 S_parse_body() at 0xd30765e0 perl_parse() at 0xd307ccc0 main() at 0x1460 Here is the full ld command, ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto Also, here is the output of 'dump -Tv SSLeay.so' for the symbol in the stack trace: ***Loader Symbol Table Information*** [Index] Value Scn IMEX Sclass Type IMPid Name [71]0xundef IMP DS EXTref libssl.a(libssl.so.0.9.8) SSL_CTX_ctrl Is this beacuse i have to specify the header file also when i am doing linking. Can u please help me Thanks Joshi Chandran -- View this message in context: http://www.nabble.com/What-would-cause-a-seg-fault--tp20108404p20108404.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- Regards Joshi Chandran -- Regards Joshi Chandran
Re: What would cause a seg fault?
This is how i am compiling # cc_r -c -I/usr/include/l -D_ALL_SOURCE -D_ANSI_C_SOURCE -D_POSIX_SOURCE -qmaxmem=16384 -qnoansialias -DUSE_NATIVE_DLOPEN -DNEED_PTHREAD_INIT -q32 -D_LARGE_FILES -qlonglong -O-DVERSION=\0.51\ -DXS_VERSION=\0.51\ -I/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE SSLeay.c # chmod 644 SSLeay.bs # rm -f blib/arch/auto/Crypt/SSLeay/SSLeay.so # LD_RUN_PATH= ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto # chmod 755 blib/arch/auto/Crypt/SSLeay/SSLeay.so # cp SSLeay.bs blib/arch/auto/Crypt/SSLeay/SSLeay.bs # chmod 644 blib/arch/auto/Crypt/SSLeay/SSLeay.bs Please Help ,it is urgent Thanks Joshi On Wed, Oct 22, 2008 at 10:17 PM, joshi chandran [EMAIL PROTECTED] wrote: This is how i am compiling # cc_r -c -I/usr/include/l -D_ALL_SOURCE -D_ANSI_C_SOURCE -D_POSIX_SOURCE -qmaxmem=16384 -qnoansialias -DUSE_NATIVE_DLOPEN -DNEED_PTHREAD_INIT -q32 -D_LARGE_FILES -qlonglong -O-DVERSION=\0.51\ -DXS_VERSION=\0.51\ -I/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE SSLeay.c # chmod 644 SSLeay.bs # rm -f blib/arch/auto/Crypt/SSLeay/SSLeay.so # LD_RUN_PATH= ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto # chmod 755 blib/arch/auto/Crypt/SSLeay/SSLeay.so # cp SSLeay.bs blib/arch/auto/Crypt/SSLeay/SSLeay.bs # chmod 644 blib/arch/auto/Crypt/SSLeay/SSLeay.bs Please Help ,it is urgent Thanks Joshi On Wed, Oct 22, 2008 at 4:35 PM, joshi chandran [EMAIL PROTECTED] wrote: I have used openssl 9.8h version There is mistake in previous mail I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base(openssl 9.8h). Previously, this shared object linked to the libssl.a provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, Rest are same . Please help Thanks Joshi On Wed, Oct 22, 2008 at 4:29 PM, joshi chandra [EMAIL PROTECTED] wrote: Hi All, I have recompiled the shared object file SSLeay.so to link to the version of libssl.a provided by openssl.base. Previously, this shared object linked to the libssl.a (openssl 9.8h) provided by the RPM on the Linux Toolbox for AIX.Now that the shared object is linked against the newer library, it seg faults in a call to the function SSL_CTX_ctrl(). Code Dump Segmentation fault in SSL_CTX_ctrl at 0xd1f6bb80 ($t1) 0xd1f6bb80 (SSL_CTX_ctrl+0xfc) 900300a4 stw r0,0xa4(r3) (dbx) where SSL_CTX_ctrl() at 0xd1f6bb80 XS_Crypt__SSLeay__CTX_new() at 0xd1f64318 Perl_pp_entersub() at 0xd31100d8 Perl_runops_standard() at 0xd3163ad4 S_call_body() at 0xd3075950 Perl_call_sv() at 0xd3079dac S_call_list_body() at 0xd30758bc Perl_call_list() at 0xd307c4f0 Perl_newATTRSUB() at 0xd30d3318 Perl_utilize() at 0xd30d3af8 Perl_yyparse() at 0xd310a494 S_parse_body() at 0xd30765e0 perl_parse() at 0xd307ccc0 main() at 0x1460 Here is the full ld command, ld -bhalt:4 -bM:SRE -bI:/usr/opt/perl5/lib/5.8.2/aix-thread-multi/CORE/perl.exp -bE:SSLeay.exp -bnoentry -lpthreads -lc_r SSLeay.o -o blib/arch/auto/Crypt/SSLeay/SSLeay.so -L/usr/lib -lssl -lcrypto Also, here is the output of 'dump -Tv SSLeay.so' for the symbol in the stack trace: ***Loader Symbol Table Information*** [Index] Value Scn IMEX Sclass Type IMPid Name [71]0xundef IMP DS EXTref libssl.a(libssl.so.0.9.8) SSL_CTX_ctrl Is this beacuse i have to specify the header file also when i am doing linking. Can u please help me Thanks Joshi Chandran -- View this message in context: http://www.nabble.com/What-would-cause-a-seg-fault--tp20108404p20108404.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- Regards Joshi Chandran -- Regards Joshi Chandran -- Regards Joshi Chandran
RE: upgrade openssl, do I need to recompile apache
If you are loading mod_ssl dynamically into Apache,you can goto httpd-2.2.8/modules/ssl directory and compile. If it is statically linked to Apache then it is a must to recompile Apache too. Let me know for more information. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of csross Sent: Wednesday, October 22, 2008 8:16 PM To: openssl-users@openssl.org Subject: RE: upgrade openssl, do I need to recompile apache Thank you. Do I go into the apache source (httpd-2.2.8/modules/ssl) and just recompile in this directory or recompile the entire thing (apache)? How do you get apache to use the new mod_ssl then? Thank you very much. Prathima Dandapani -X (pdandapa - HCL at Cisco) wrote: Yes, you need to recompile mod_ssl of Apache when openssl is upgraded. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of csross Sent: Wednesday, October 22, 2008 3:02 AM To: openssl-users@openssl.org Subject: upgrade openssl, do I need to recompile apache I have a Solaris 8 server. I just upgraded openssl (0.9.7m to 0.9.8.h) and prior notes indicated that an apachectl -k graceful took care of reloading the new ssl. After restarting (either graceful or stop/start), the error log shows the old version still loading and the server-status shows the same. [Tue Oct 21 17:21:40 2008] [notice] Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.7m configured -- resuming normal operations My config.log for http show ./configure --disable-ipv6 --enable-info --enable-status --enable-ssl --with -ssl=/usr/local/ssl --disable-negotiation --disable-userdir --disable-autoindex --disable-imap --enable-expires Any suggestions please? -- View this message in context: http://www.nabble.com/upgrade-openssl%2C-do-I-need-to-recompile-apache -tp200 99833p20099833.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/upgrade-openssl%2C-do-I-need-to-recompile-apache-tp200 99833p20111935.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]