The chicken and the OpenSSL

Jim Mock mij at
Tue Apr 15 15:28:46 PDT 2003

On Tuesday, April 15, 2003, at 01:14  PM, Jack L. Stone wrote:
> At 12:51 PM 4.15.2003 -0700, Jim Mock wrote:
>> On Tue, 15 Apr 2003 at 10:37:48 -0700, Kill the Penguin wrote:
>>> I'm currently running 4.7-RELEASE-p10. I attempted to install, but 
>>> it is dependant on openssl-0.9.7a.  Unfortunately the installed 
>>> version is openssl-0.9.6i. This will result in two parallel 
>>> installations of openssl which is not the end of the world, but not 
>>> desired. In the past I attempted to use only openssl in the ports 
>>> collection, but using NO_OPENSSL results in failed buildworlds.
>>> So I attempted to update the src-crypto and src-secure portions of 
>>> the src tree and *just* build these components. It doesn't appear 
>>> that REL_ENG_4_7 contains the latest version of openssl.
>>> Is there a method to keep up with OpenSSL without having to parallel 
>>> installations? It appears you can't unhook the base installation 
>>> from the system, and I'm not sure forcing the ports version into 
>>> /usr is going to be a great idea. Anyone solve this problem?
>> cd /usr/ports/security/openssl && make -DOPENSSL_OVERWRITE_BASE 
>> install
> I have the same situation, but have already installed apache13-modssl 
> from ports which loads up openssl-0.9.7a okay when starting 
> Apache+mod_ssl. What whould be the effect of running Jim's "overwite" 
> of the old base openssl now at this stage to get down to the one 
> version...? Do I need to start over....??

Good question.  I'm not really sure :-)  Your best bet is to probably 
try it out on a non-production box if you have one and see what 
happens.  At the very worst, you may have to rebuild mod_ssl after 
installing the OpenSSL port, but apache shouldn't have to be touched.

- jim

- jim mock.     email: mij at     web: -
- freebsd project: jim at    opendarwin: mij at -

More information about the freebsd-questions mailing list