> On Feb 21, 2019, at 11:37 PM, Masaori Koshiba wrote:
>
> Hi all,
>
> Could we bump minimum requirements of OpenSSL version to 1.0.2 on next
> major release?
>
> I just noticed that SSLUtils says that Traffic Server requires an OpenSSL
> library version 0.9.4 or greater [*1].
> But I think
Definitely at least drawing the line at openssl 1.0.1 makes sense. As Leif
notes moving to 1.0.2 for the baseline means that some supported
distributions cannot use the system openssl. For Centos6 anyway we require
a replacement for the system compiler which you can acquire from
devtoolset. Is t
> On Feb 22, 2019, at 10:15 AM, Susan Hinrichs
> wrote:
>
> Definitely at least drawing the line at openssl 1.0.1 makes sense. As Leif
> notes moving to 1.0.2 for the baseline means that some supported
> distributions cannot use the system openssl. For Centos6 anyway we require
> a replacem
A quick search shows only instructions for how to build openssl 1.0.2 from
source on Rhel6/Centos6. If there is an epel-like rpm it does not seem to
be well advertised.
I'd suggest keeping the openssl minimum version to 1.0.1 until we stop
support for Centos 6.
On Fri, Feb 22, 2019 at 11:41 AM L
After discussion, TSSslClientCertUpdate should take two arguments instead
of just one since client contexts are stored in a map with keys comprising
of both cert and key.
TSReturnCode TSSslClientCertUpdate(const char *cert_path, const char
*key_path)
Zeyuan Yu 于2019年2月21日周四 下午1:13写道:
> TSReturnC
