I've started playing around with boringssl with nginx. Mostly everything works except OCSP. Seems like either openssl 1.0.2 which boringssl was forked from does not have it, or the boringssl folk ripped it out. I have not investigated.
Anyway, I'm please to report everything seems to work! -- # first boringssl git clone https://boringssl.googlesource.com/boringssl cd boringssl # for when building on openbsd, also enables -O2, boringssl is a debug build by default cat boringssl_openbsd.patch | patch -p1 -N -s mkdir build && cd build && cmake ../ && cd .. # setup stuff for nginx mkdir -p .openssl/lib ln -s include .openssl/ cp build/crypto/libcrypto.a build/ssl/libssl.a .openssl/lib # now for nginx tar xvzf nginx-1.6.0.tar.gz cd nginx-1.6.0 cat ../boringssl_nginx.patch | patch -p1 -N -s ./configure --with-openssl=../boringssl ... # update timestamp so nginx won't try to build openssl touch ../boringssl/.openssl/include/ssl.h make
boringssl_nginx.patch
Description: Binary data
boringssl_openbsd.patch
Description: Binary data
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
