LibreSSL on CentOS 7

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hello list,

I've recently been working with LibreSSL on CentOS 7 and I thought I'd share it.

I would be cautious about using it on production servers, but it seems to be behaving itself for me.

https://librelamp.com/

I packaged it to install in parallel with OpenSSL rather than replace it.

Apache (2.4.16), MariaDB (5.5.45) and PHP (5.6.12) complete the lamp stack.

With MariaDB I did have to disable six tests in the make test section that were SSL related, I haven't investigated them yet to see if legitimate test failures or not.

My main interest with LibreSSL is public facing servers. I have no interest in replacing things like authconfig.

I have noticed that some of the switches the /usr/bin/openssl command accepts are not accepted by libressl, some of that may be configuration file related - it is hard to tell because the openssl.1 man page is extremely sparse.

But the LibreSSL equivalent is packages as /usr/bin/libressl - so installing it won't break any shell scripts that expect certain behavior because they will continue to use the OpenSSL /usr/bin/opennsl.

For example the -rand switch used in the CentOS packaaged mod_ssl post scriptlet doesn't work with LibreSSL binary.

Anyway I thought some people on the list might be interested, so far it is working well for me but I would be very cautious about critical production use.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux