OpenSSL problem: bind98-base FreeBSD port
michael at rancid.berkeley.edu
Sun Jul 8 19:04:26 UTC 2012
On 07/08/12 09:54, Matthew Pounsett wrote:
> 08-Jul-2012 16:45:00.352 initializing DST: openssl failure
> 08-Jul-2012 16:45:00.352 exiting (due to fatal error)
In particular the logs above suggest that named is unable to find the
necessary openssl libraries. In the case where openssl 1.x.x is
compiled with shared libraries enabled, named can't see the openssl
engines (necessary for GOST crypto support) in its chrooted environment.
What makes me doubt what I just said is that this has been an issue for
more than a year now, so I am not sure why you have escaped it for so
long. I assume you had openssl 1.0.x installed before you upgraded
it--or was it an earlier version?
At any rate, if you run make config in /usr/ports/security/openssl, it
gives you the option of compiling the libraries statically. I have
successfully done this in the past and it has worked. However, anything
else that is currently depending on the openssl shared library from
ports (as opposed to the bundled system) will need to be recompiled
before it will work, as will bind 9.8.
Doug Barton may have some better ideas as to how best to make it all work.
More information about the bind-users