Re: How to use ktls with openssl in base
- In reply to: Rick Macklem : "Re: How to use ktls with openssl in base"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 12 Sep 2025 20:57:34 UTC
On 12/09/2025 21:44, Rick Macklem wrote: > On Fri, Sep 12, 2025 at 1:08 PM Pete French <pete@twisted.org.uk> wrote: >> >> Am running 14.3-STABLE form a few weeks ago, and I would rather like >> to get KTLS working with the openssl in base. I have got it working >> with GnuTLS form post easily enough (enable in the global config file >> and it just works). But am having problems in base. > Is kern.ipc.tls.enable set non-zero on the system? > (You might also need kern.ipc.tls.cbc_enable=1 too?) Yup, I have both of those set to 1, and it works with gnutls, just not openssl. I am testing like this: echo 'GET /' | gnutls-cli www.google.com:443 Thats increases kern.ipc.tls.stats.offload_total, but with this: echo 'GET /' | openssl s_client -connect www.google.com:443 it does not The aim is to get Apache using it and (to a lesser degree) my own code using gnutls (hence me testing both), but Apache is the main one and thats linked against base openssl. thanks for the reply, I am not doing anything wildly wrong then -pete.