Not-So-Newbie Openssl Question
Tony Holmes
tony at crosswinds.net
Wed Dec 14 07:02:37 PST 2005
Hi all and TIA for any help,
I find myself in an imposed quandry. I am using cPanel on 4.11-RELEASE-p13
boxes. 99% of the system works well, but I've come across an issue with
ssl. It's caused my certs to suddenly crap out and SSL connections from
payment processors no longer work (making my customers a tad angry)
The base system has openssl-0.9.7d and the ports are linked against
openssl-0.9.8a (installed from ports). cPanel mostly uses the ports/packages
system (good choice on their part) *EXCEPT* for apache.
The cpanel apache/ssl build links against the base system, while everything
else (including php which is built in the same procedure) is linked against
the port openssl. This is frustrating to no end.
Now, I first tried installing the openssl overwriting the base. I worked
around the conflict error by definig the shlib version to 3, then sshd
stops working with "I am linked against 0.9.7" (doh of course) so I back
that out since I cannot determine how to get that and any other base system
tools to link against 0.9.8a (after a week of first identifying this problem
and attempting to fix it has made my brain slightly squishier than usual).
Is there any way to safely bring the base system openssl up to 0.9.8a
(do not mind making world/kernels) so the ports and base system match?
--
Tony Holmes
Ph: (416) 993-1219
Founder and Senior Systems Architect
Crosswinds Internet Communications Inc.
More information about the freebsd-security
mailing list