On 07/08/12 09:54, Matthew Pounsett wrote:
08-Jul-2012 16:45:00.352 initializing DST: openssl failure 08-Jul-2012 16:45:00.352 exiting (due to fatal error)
In particular the logs above suggest that named is unable to find the necessary openssl libraries. In the case where openssl 1.x.x is compiled with shared libraries enabled, named can't see the openssl engines (necessary for GOST crypto support) in its chrooted environment.
What makes me doubt what I just said is that this has been an issue for more than a year now, so I am not sure why you have escaped it for so long. I assume you had openssl 1.0.x installed before you upgraded it--or was it an earlier version?
At any rate, if you run make config in /usr/ports/security/openssl, it gives you the option of compiling the libraries statically. I have successfully done this in the past and it has worked. However, anything else that is currently depending on the openssl shared library from ports (as opposed to the bundled system) will need to be recompiled before it will work, as will bind 9.8.
Doug Barton may have some better ideas as to how best to make it all work. michael _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
