openssl

Hello everyone, Following the rename of security/openssl111 to security/openssl, I've rebuilt all of my packages depending on OpenSSL, but I got an error from sysutils/bacula9-client : --- bacula-fd --- /usr/bin/ld: warning: libssl.so.9, needed by /usr/local/lib/libbaccfg.so, not found (try...

I am trying to setup openldap to use TLS with openssl. After following the instructions at https://www.freebsd.org/doc/handbook/network-ldap.html and fixing the permissions issues, I ran into this: TLS: could not use certificate `/usr/local/etc/openldap/certs/cert.csr'. TLS: error:0909006C: PEM...

I have an installation of www/apache24 that have been running flawlessly for years. I made some changes (installed www/nextcloud, configured a nullfs etc.). After that, I haven't been able to start the web server with my usual configuration. When both mod_perl and mod_ssl are disabled, the...

After performing the following: # freebsd-update -r 12.0-RELEASE upgrade # freebsd-update install # reboot # freebsd-update install # portmaster -af I ran into an issue with reinstalling zabbix34-server due to the openssl situation. <...snip...> checking for DTLSv1_method in -lssl... yes...

I recently updated from 10.4-RELEASE to 11.2-RELEASE. The upgrade was not clean, as the system ran out of space a couple of times and things got seriously out of whack. There was a rollback that put the system in a weird state. Eventually, I thought I'd gotten it all sorted out. Once it looked...

Hi, I have renew certificate for my site. They crt and key file applied to nginx is running on Centos 7 host. It is working well. However, this pair of key-cert file has issue when applied to nginx in a freeBSD 11.1-RELEASE server # nginx -t nginx: [emerg]...

When issuing openssl engine I get the following output: root@vados:~ # openssl engine (rdrand) Intel RDRAND engine (dynamic) Dynamic engine loading support When loading cryptodev with kldload cryptodev and issuing above command again: root@vados:~ # kldload cryptodev root@vados:~ # openssl...

I just upgraded my server from FreeBSD 10.3 to 11.1. It's now running Sendmail 8.15.2 and OpenSSL 1.0.2k-freebsd 26 Jan 2017. Since the upgrade, sending mail to my server is failing: Every time a remote MTA sends a STARTTLS command, the current sendmail instance crashes. I temporarily stopped...

Hi all, I’m investigating some slow VPN speeds on my router, and I’m trying to make sense of what I’m seeing. Non-VPN’d traffic can hit >1gb/s through the router, so I know it’s not a throughput problem. This got me investigating crypto performance, and on all my machines, I’ve found that...

FreeBSD 11.1 i386 I have compiled and installed openssl from ports, so there are: a) /usr/bin/openssl (OpenSSL 1.0.2k-freebsd 26 Jan 2017) with /lib/libcrypto.so.8, /usr/lib/libssl.so.8 and b) /usr/local/bin/openssl (OpenSSL 1.0.2n 7 Dec 2017) with /usr/local/lib/libcrypto.so.9...

Hello, I'm building all my packages with poudriere and they are linked with LibreSSL (using "DEFAULT_VERSIONS+=ssl=libressl-devel" in my make.conf) I'd like to use net/opensips but it doesn't works with LibreSSL, I'm getting this error messages: ERROR:tls_mgm:mod_init: unable to set the memory...

I am working on setting up SSL on apache24 web server on my local network with a self signed certificate. I am able to confirm it is working with curl and openssl (see the details below), however I am not able to get it working with firefox. I imported my self signed cert to firefox, however...

I'm wanting to generate a self-signed certificate for LAN-only development and testing. The virtual host will be alpha.local, and it is only for nginx serving. The handbook requires a machine name for a virtual host, i.e.: Common Name (e.g. server FQDN or YOUR name)...

Note: this post is amended because the updated port security/acme.sh is now using its own convention home directory /var/db/acme with dedicated user/group acme:acme The idea is to limit the use of elevated privileges as much as possible. ================ - What is this about? security/acme.sh...

Hello, I am trying to build nginx from ports, but I don't want dependency to openssl from ports. I want "base" FreeBSD openssl. Default nginx package has no dependency to external openssl package. I am building in a jail. I have this in make.conf: WRKDIRPREFIX= /var/ports DISTDIR=...

user@gt:~ % openssl version OpenSSL 1.0.2k-freebsd 26 Jan 2017 user@gt:~ % openssl speed -evp aes-256-gcm -engine aesni invalid engine "aesni" 34380834184:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared...

Hello, I have tried installing percona56-server from the ports with the OpenSSL option checked ( as it is by default ) and I have completed the SSL setup and get everything to work properly except that I am stuck with TLSv1. mysql> \s; -------------- mysql Ver 14.14 Distrib 5.6.33-79.0...

Hello folks, I'm trying to run security/py-certbot on a FreeBSD 10.3 stable jail. When I try to launch it I get the following messages: root@nope:~ # certbot Traceback (most recent call last): File "/usr/local/bin/certbot", line 11, in <module> load_entry_point('certbot==0.9.3'...

I have two FreeBSD 10.3 servers an audit shows the following pkg audit openssl-1.0.2_15,1 is vulnerable: OpenSSL -- multiple vulnerabilities CVE: CVE-2016-6308 CVE: CVE-2016-6307 CVE: CVE-2016-6306 CVE: CVE-2016-2181 CVE: CVE-2016-2179 CVE: CVE-2016-2178 CVE: CVE-2016-2177 CVE: CVE-2016-2180...

Hi, Problem occurs after update from OpenSSL/1.0.2d to OpenSSL/1.0.2f. Here is script: <?php $url = 'https://public-crest.eveonline.com/killmails/33493676/553ac7e2aeabe48092bde10958de0a44dc6f35ef/'; $timeout = 50; $ch = curl_init($url); curl_setopt($ch, CURLOPT_VERBOSE, true); curl_setopt($ch...