On Sat, Nov 30, 2013 at 4:20 AM, Igor Cicimov <icicimov@xxxxxxxxx> wrote:
Hi all,Im trying to build apache2.2.26 on CentOS5.10 final x86_64, linked to openssl1.0.1e which is also compiled and installed from source under /usr/loca/lib64:
$ ls -l /usr/local/lib64/total 7060drwxr-xr-x 2 root root 4096 Nov 30 18:50 engines-rw-r--r-- 1 root root 3858348 Nov 30 18:50 libcrypto.alrwxrwxrwx 1 root root 18 Nov 30 18:50 libcrypto.so -> libcrypto.so.1.0.0-r-xr-xr-x 1 root root 2145661 Nov 30 18:50 libcrypto.so.1.0.0-rw-r--r-- 1 root root 729426 Nov 30 18:50 libssl.alrwxrwxrwx 1 root root 15 Nov 30 18:50 libssl.so -> libssl.so.1.0.0-r-xr-xr-x 1 root root 463549 Nov 30 18:50 libssl.so.1.0.0drwxr-xr-x 2 root root 4096 Nov 30 01:21 pkgconfigI've used the following process to compile openssl1.0.1e:$ ./Configure --prefix=/usr/local --openssldir=/usr/local/openssl enable-tlsext linux-x86_64 threads zlib enable-idea enable-rc5 enable-mdc2 enable-ec shared$ make depend$ make$ sudo make install$ openssl versionOpenSSL 1.0.1e 11 Feb 2013$ openssl s_client -connect smtp.gmail.com:25 -starttls smtp | grep Protocoldepth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CAverify error:num=20:unable to get local issuer certificateverify return:0250 CHUNKINGProtocol : TLSv1.2$ openssl s_client -connect gmail.com:443 | grep Protocoldepth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CAverify error:num=20:unable to get local issuer certificateverify return:0Protocol : TLSv1.2So as expected the client gets to use the TLSv1.2 protocol. I guess that means (maybe) openssl is good to go ...The relevant part of my apache configure command:$ ./configure LDFLAGS="-L/usr/local/lib64" --enable-ssl=shared --with-ssl=/usr/local/lib64 .....with double attempt to point apache to the openssl libraries, but make is failing with following error:/home/igor.cicimov/httpd-2.2.26/srclib/apr/libtool --silent --mode=link gcc -g -O2 -pthread -L/usr/lib64 -L/usr/local/lib64/lib -L/usr/kerberos/lib64 -L/usr/local/lib64 -o ab ab.lo -lm /home/igor.cicimov/httpd-2.2.26/srclib/pcre/libpcre.la /home/igor.cicimov/httpd-2.2.26/srclib/apr-util/libaprutil-1.la /home/igor.cicimov/httpd-2.2.26/srclib/apr-util/xml/expat/libexpat.la /home/igor.cicimov/httpd-2.2.26/srclib/apr/libapr-1.la -luuid -lrt -lcrypt -lpthread -ldl -lssl -lcrypto -ldl -lz.libs/ab.o: In function `main':/home/igor.cicimov/httpd-2.2.26/support/ab.c:2241: undefined reference to `TLSv1_2_client_method'/home/igor.cicimov/httpd-2.2.26/support/ab.c:2239: undefined reference to `TLSv1_1_client_method'collect2: ld returned 1 exit statusmake[2]: *** [ab] Error 1make[2]: Leaving directory `/home/igor.cicimov/httpd-2.2.26/support'make[1]: *** [all-recursive] Error 1make[1]: Leaving directory `/home/igor.cicimov/httpd-2.2.26/support'make: *** [all-recursive] Error 1This is not my first time I compile apache and openssl and have never seen this error about apache tools. What am I missing here? Any thoughts?I guess it is because of the order of the system library and your local library dir in the linker search path:libtool --mode=link ... -L/usr/lib64 -L/usr/local/lib64/lib ...