Removal notice force BIND 9.21+: OpenSSL Engines
Ondřej Surý
ondrej at isc.org
Tue Aug 6 14:20:54 UTC 2024
Hello,
In line with ISC's deprecation policy, I am notifying the mailing list
of our intent to remove the support of OpenSSL 1.x Engines in
favor of OpenSSL 3.x Providers.
The OpenSSL 3.0 has introduced new way how to extend OpenSSL
with "Providers" and the old "Engines" have been deprecated and
they require special compile time options to be enabled.
As OpenSSL 1.1.x is no longer supported by OpenSSL and is present
only in RHEL 8, we are now removing support for OpenSSL Engines
from BIND 9.21 (the next development version).
The support for OpenSSL Providers is already present in BIND 9.20
and it is the preferred way how to interact with PKCS#11 Hardware
Security Modules.
Ondrej
--
Ondřej Surý (He/Him)
ondrej at isc.org
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
More information about the bind-users
mailing list