[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Problem in configuring SSL with openldap



Please keep your replies on the mailing list.

Two examples of Solaris OpenSSL builds that linked with OpenLDAP can be found at:

Quanah's OpenSSL build page at http://www.stanford.edu/services/directory/openldap/configuration/openssl-build.html

Rutgers OpenSSL spec file at http://cvs.rutgers.edu/cgi-bin/viewcvs.cgi/*checkout*/SPECS/openssl.spec

I note that they both have the word "shared" in various places, which you do not mention.

OpenSSL is not provided by the OpenLDAP Project; please direct further discussion to a relevant OpenSSL list until you're sure that it built correctly. You should come back to openldap-software if OpenLDAP autoconf fails to recognize the (properly built and installed) libraries.

On Thu, 12 Oct 2006, Monica_Rana wrote:

Hi Aaron,

I had followed the below mentioned steps for installing openssl:
1.  $ ./config
2.  $ make
3.  $ make test
4.  $ make install.

All the options ran without any errors.
Do I need to do anything extra?

In my /usr/local/ssl/lib/, libcrypto.so does not exist. The following
file exists at the mentioned path

# pwd
/usr/local/ssl/lib
# ls
engines      libcrypto.a  libssl.a     pkgconfig


Regards, Monica Rana

-----Original Message-----
From: Aaron Richton [mailto:richton@nbcs.rutgers.edu]
Sent: Thursday, October 12, 2006 4:59 PM
To: Monica_Rana
Cc: Phillip; openldap-software@openldap.org
Subject: RE: Problem in configuring SSL with openldap

I see that RSA stuff, but I'm not sure if that's as fatal as your
failure to link in libdl on the previous attempt (:19590). Your build
seems to be picking up a libcrypto.a; on my Solaris systems, ldd
/usr/local/ssl/lib/libcrypto.so shows a dependency on libdl.so.1.
Towards this end I'd:

(a) make sure that openssl was compiled into shared objects, e.g.
/usr/local/ssl/lib/libcrypto.so exists
(b) make sure that it was compiled reasonably; at a minimum, that ldd
/usr/local/ssl/lib/libcrypto.so comes out clean without any "file not
found"
(c) include RPATH in your LDFLAGS, e.g. "-L/usr/local/ssl/lib
-R/usr/local/ssl/lib -L/usr/local/db4/lib -R/usr/local/db4/lib" instead.

See if any or all of that helps...

On Thu, 12 Oct 2006, Monica_Rana wrote:

Phillip,

I have checked the include and lib path. But seeing at the config
logs, it seems that the problem is with RSAglue/rsaref. I am new to
openLDAP and openSSL. So am not able to actually decode the logs.

Regards,
Monica Rana

-----Original Message-----
From: Phillip [mailto:phuang@plasmon.cn]
Sent: Thursday, October 12, 2006 1:07 PM
To: Monica_Rana
Cc: openldap-software@openldap.org
Subject: Re: Problem in configuring SSL with openldap

Monica,

Maybe you've take a mistake in setting "env", just try:

env CPPFLAGS="-I/usr/local/include -I/usr/local/ssl/include -
I/usr/local/db4/include"  LDFLAGS="-L/usr/local/ssl/lib -
L/usr/local/db4/lib" ./configure --with-tls --with-cyrus-sasl
--enable- wrappers --enable-crypt --enable-bdb

You'd better verify the "include" and "lib" path for SSL and DB.

Regards,
Phillip





On Thu, 2006-10-12 at 12:18 +0530, Monica_Rana wrote:
Hi All,

I have the following installed on solaris 8.
openLDAP 2.3.27
openSSL 0.9.8b.

when i try to configure using the command env
CPPFLAGS="-I/usr/local/include -I/usr/local/include/ssl -
I/usr/local/include/db4"
    LDFLAGS="-L/usr/local/ssl/lib -L/usr/local/lib/db4"
    ./configure --with-tls --with-cyrus-sasl --enable-wrappers --
enable-crypt --enable-bdb it throws the error checking for
openssl/ssl.h... yes checking for SSL_library_init in -lssl... no
checking for ssl3_accept in -lssl... no checking OpenSSL library
version (CRL checking capability)... yes
configure: error: Could not locate TLS/SSL package.

Please let me know what could be the possible reson behind. PFA the
config.log file.

Regards,
Monica Rana
**************** CAUTION - Disclaimer ***************** This e-mail
contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for
the use of the addressee(s). If you are not the intended recipient,
please notify the sender by e-mail and delete the original message.
Further, you are not to copy, disclose, or distribute this e- mail or

its contents to any other person and any such actions are unlawful.
This e-mail may contain viruses. Infosys has taken every reasonable
precaution to minimize this risk, but is not liable for any damage
you

may sustain as a result of any virus in this e-mail. You should carry

out your own virus checks before opening the e-mail or attachment.
Infosys reserves the right to monitor and review the content of all
messages sent to or from this e-mail address. Messages sent to or
from

this e-mail address may be stored on the Infosys e- mail system.
***INFOSYS******** End of Disclaimer ********INFOSYS***