Yes there is a --with-openssl option. I have my openssl rooted at /opt, so I use the following option when calling configure.
--with-openssl=/opt/openssl/1.1.1 On Thu, Jul 16, 2020 at 9:20 AM supraja sridhar <[email protected]> wrote: > Is there a way to specify the path of openssl 1.1.1 library in the system > through configure script of ATS? > > On Wed, Jul 15, 2020 at 8:39 PM Susan Hinrichs <[email protected]> > wrote: > >> I think the version of openssl is it. A quick grep through the code it >> appears that openssl 1.1.1 supports extended master secret but openssl >> 1.0.2 does not. Interestingly you cannot turn off extended master secret >> in 1.1.1. The SSL_OP_NO_EXTENDED_MASTER_SECRET option doesn't appear >> until openssl 3. >> >> >> On Wed, Jul 15, 2020 at 4:38 AM supraja sridhar < >> [email protected]> wrote: >> >>> Hello, >>> Yes, I am using ATS 7.1.1 with openssl 1.0.2 version. The client >>> supports the extended master secret extension. Could the openssl version be >>> an issue? >>> >>> On Tue, Jul 14, 2020 at 5:45 PM Susan Hinrichs < >>> [email protected]> wrote: >>> >>>> Yes, I believe it should. ATS doesn't set >>>> SSL_OP_NO_EXTENDED_MASTER_SECRET, >>>> and the default is for that feature to be enabled. >>>> >>>> Are you having problems with session reuse? Perhaps the client does >>>> not support the Extended Master secret? >>>> >>>> Susan >>>> >>>> On Tue, Jul 14, 2020 at 1:26 AM supraja sridhar < >>>> [email protected]> wrote: >>>> >>>>> Hello, >>>>> >>>>> Does ATS 7.x support session ticket reuse in the presence of Extended >>>>> Master secret extension in the handshake ? >>>>> >>>>> Thanks >>>>> Supraja >>>>> >>>> >>> >>> -- >>> Regards, >>> S.SUPRAJA >>> MIT >>> >> > > -- > Regards, > S.SUPRAJA > MIT >
