Crypto failure Issues
Tony Finch
dot at dotat.at
Mon Jul 27 15:26:31 UTC 2015
Stewart, Larry C Sr CTR DISA JITC (US) <larry.c.stewart.ctr at mail.mil> wrote:
> I am having issues with bind failing to start due to a crypto failure
> when I compile with the --with-openssl option when I have openssl
> version 1.0.2d or 1.0.2c
>
> Is anyone aware of any compatibility issues between bind and openssl
> version 1.0.2? I have no issues when I use openssl version 0.9.8zf.
This sounds like the GOST problem. Try building BIND with
./configure --without-gost or copy the OpenSSL GOST engine shared object
into your chroot.
e.g. https://lists.isc.org/pipermail/bind-users/2014-June/093450.html
http://gnats.netbsd.org/48658
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Tyne, Dogger, Fisher: Northeast 5 or 6 backing north 4 or 5, but cyclonic at
first in Dogger. Moderate. Rain or showers. Moderate or good.
More information about the bind-users
mailing list