Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On Tue, Sep 11, 2018, 13:10 Kurt Roeckx wrote: > On Tue, Sep 11, 2018 at 04:59:45PM +0200, Juan Isoza wrote: > > Hello, > > > > What is the better way, for anyone running, by example, Apache or nginx > on > > a popular Linux districution (Ubuntu, Debian, Suse) and want support TLS > > 1.3 ? > > >

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On 09/11/2018 02:35 PM, Viktor Dukhovni wrote: On Tue, Sep 11, 2018 at 02:28:12PM -0400, Dennis Clarke wrote: It sounds like a downstream ELF header nightmare. Actually, it works just fine. You link with the variant library, and it happily coexists with any dependencies you may have that in

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On Tue, Sep 11, 2018 at 02:28:12PM -0400, Dennis Clarke wrote: > >> It sounds like a downstream ELF header nightmare. > > > > Actually, it works just fine. You link with the variant library, > > and it happily coexists with any dependencies you may have that in > > turn depend on the system TLS

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

It sounds like a downstream ELF header nightmare. Actually, it works just fine. You link with the variant library, and it happily coexists with any dependencies you may have that in turn depend on the system TLS library. The variant SONAME and symbol versions provide all the requisite iso

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On Tue, Sep 11, 2018 at 08:10:01PM +0200, Kurt Roeckx wrote: > On Tue, Sep 11, 2018 at 04:59:45PM +0200, Juan Isoza wrote: > > Hello, > > > > What is the better way, for anyone running, by example, Apache or nginx on > > a popular Linux districution (Ubuntu, Debian, Suse) and want support TLS > >

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On Tue, Sep 11, 2018 at 04:59:45PM +0200, Juan Isoza wrote: > Hello, > > What is the better way, for anyone running, by example, Apache or nginx on > a popular Linux districution (Ubuntu, Debian, Suse) and want support TLS > 1.3 ? > > Waiting package update to have openssl 1.1.1 ? probably a lot

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On Tue, Sep 11, 2018 at 01:47:18PM -0400, Dennis Clarke wrote: > >--- Configurations/10-main.conf > >+++ Configurations/10-main.conf > > > >+"BSD-x86_64-opt" => { > >+inherit_from => [ "BSD-x86_64" ], > >+shlib_variant => "-opt", > >+}, > >

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

On 09/11/2018 01:09 PM, Viktor Dukhovni wrote: On Sep 11, 2018, at 10:59 AM, Juan Isoza wrote: What is the better way, for anyone running, by example, Apache or nginx on a popular Linux districution (Ubuntu, Debian, Suse) and want support TLS 1.3 ? Waiting package update to have openssl 1.

Re: [openssl-users] Migrating to openssl 1.1.1 in real life linux server

> On Sep 11, 2018, at 10:59 AM, Juan Isoza wrote: > > What is the better way, for anyone running, by example, Apache or nginx on a > popular Linux districution (Ubuntu, Debian, Suse) and want support TLS 1.3 ? > > Waiting package update to have openssl 1.1.1 ? probably a lot of time > > Rec

[openssl-users] Migrating to openssl 1.1.1 in real life linux server

Hello, What is the better way, for anyone running, by example, Apache or nginx on a popular Linux districution (Ubuntu, Debian, Suse) and want support TLS 1.3 ? Waiting package update to have openssl 1.1.1 ? probably a lot of time Recompile openssl dynamic library and replace system library ? We