1. Machiaveli

    Status of openssl 3.x and possible network services breakages

    Hello all, Does any of you has network services breakages after upgrading from openssl 1.1.x to 3.x? If so, did you overcome them? I'm mainly thinking of apache (2.4 branch), mail services (dovecot, postfix, exim, etc.), bind/unbound daemons. Asking so before setting up a dedicated test server...
  2. dougs

    Add openssl support to sysutils/bacula9-server

    I have bacula9-server already installed and running for years. I need to add data encryption to the software. Unfortunately the 'make config' command does not reveal any openssl options. This link states to use the configure command to add openssl support to bacula...
  3. N

    openssl with support for tls 1.3

    I see that openSSL has to be built for tls 1.3 support, but i am not sure of how to do that on freeBSD 13.1 RELEASE.
  4. stephen.wall

    OpenSSL 3.0 in base system

    OpenSSL 3.0 has been out nearly a year now, and is up to 3.0.5, and thus far I see no evidence in the FreeBSD git repos of any work being done to update the version in the base system. Is there any plan for this? Is 14 development too far along to target for this update? I note that FreeBSD...
  5. R

    Trying to run openvpn with another engine

    Well, I made a new engine (new-engine) to run openvpn with it. It works in Linux, but in the FreeBSB it doesn't (I already compiled in that machine). Below is the error when I try to connect: I already put my in the folder /usr/lib/engines/ and my config file is below: port...
  6. noodlefling

    openssl without TLSv1.0

    I just switched from ports to packages and a side effect seems to be that TLSv1.0 has been re-enabled. Previously what I'd done is a make config for openssl and turned off TLSv1.0, and then recompiled everything that required openssl. If I do that now, will I have to use ports (instead of...
  7. B

    C Cross Compiling Openssl for ARM64(Nanopi R2S)

    Hi everyone, I'm having problem when cross compiling openssl from AMD64 to ARM64. I've tried: pkg install aarch64-none-elf-gcc ./Configure BSD-generic32 --cross-compile-prefix=/usr/local/bin/aarch64-none-elf- shared --prefix=/usr/openssl-custom --openssldir=/usr/openssl-custom...
  8. J

    database/freetds fail to connect ms sql server on FreeBSD-13-Stable (2022/02)

    After some tests, I suspect the openssl 1.1.1m on FreeBSD-13-Stable (2022/02) prevent freetds from connecting to microsoft sql server 2019. Command: setenv TDSDUMP /tmp/freetds.log tsql -S host -U username -P password tail /tmp/freetds.log tls.c:130:in tds_pull_func_login tls.c:130:in...
  9. C

    Securelevel utility turned Intrusion detection tool set

    Heads up: So, this turned out to be very long. Longer than I anticipated before I started writing. Also, I'm not completely certain whether this shouldn't have gone into user space programing. Since it's still very much tied into base, I'll leave it here for the moment and ask the moderators to...
  10. byrnejb

    OpenSSL 1.1.1h in base. OpenSSL 1.1.1l installed.

    I have a FreeBSD host updated to 12.2p11. # freebsd-update fetch src component not installed, skipped Looking up mirrors... 2 mirrors found. Fetching metadata signature for 12.2-RELEASE from done. Fetching metadata index... done. Inspecting system...
  11. L

    Solved Peertube - OPENSSL_1_1_1e required and not found

    I'm trying to install a peertube instance in a jail of a FreeBSD 13.0-RELEASE amd64 system. The following command, as per the peertube's documentation: # yarn install --production --pure-lockfile /lib/ version OPENSSL_1_1_1e required by /usr/local /bin/node not...
  12. Alain De Vos

    Using openssl-devel instead of openssl

    When i want to install openssl-devel the system wants to remove 1300 packages. Can I recompile all those packages and force to use openssl-devel instead of openssl ? By putting somewhere a parameter in make.conf ?
  13. grahamperrin

    Using poudriere to build net/citrix_ica

    /usr/local/etc/poudriere.d/make.conf comprises one line: ICA_CERTS=quovadis_quovadiseuropeevsslcag1_der.crt Attempts to build net/citrix_ica fail. Using SSL Preferences (KDE Plasma, pictured below) to trust the certificate does not resolve the issue. Please, what should I do? (I'm almost...
  14. O

    Solved OpenSSL version appears differently from inside and outside of jail

    After updating freebsd and jails to 13.0 release patch 4 I tried to verify everthing was up to date. However when checking the openssl version in my jail I noticed something strange. Inside the jail openssl version produced the output: OpenSSL 1.1.1k-freebsd 25 Mar 2021 But invoking version...
  15. J

    Solved Help compiling sendmail with OpenSSL base (1.0.2) vs. ports (1.1.1)

    I have let my installation drift a bit, so it is running an outdated 11.3-RELEASE-p3. I'm currently doing a source upgrade to 11.4, and from there I'm planning to jump to 12.x. But currently I'm stuck on the 11.4 compile, because sendmail fails. The compile error is: main.o: In function...
  16. B

    Simple encrypt and decrypt folder

    Hi, I have test directory with one file inside test.txt and I want to encrypt it and compress Encrypt and compress command below: tar cfz - test | openssl enc -aes-256-cbc -a -k test -salt > test.tar.gz It's creating file but i can't decrypt it. How unpack it in one command ?
  17. T

    Custom MariaDB ODBC port

    Hello all, I've need of MariaDB ODBC in addition to the client/server installed. I've looked at the ODBC dependent databases/mariadb-connector-c and it seems to be subset of databases/mariadb10[3,4]-client. Thus, I tried creating a custom port where the ODBC depends/links to the client...
  18. D

    Solved BACULA - bacula9-server and client not compiling after move from openssl111 to openssl

    Hello everyone, Following the rename of security/openssl111 to security/openssl, I've rebuilt all of my packages depending on OpenSSL, but I got an error from sysutils/bacula9-client : --- bacula-fd --- /usr/bin/ld: warning:, needed by /usr/local/lib/, not found (try...
  19. T

    Solved Openldap TLS: could not use certificate

    I am trying to setup openldap to use TLS with openssl. After following the instructions at and fixing the permissions issues, I ran into this: TLS: could not use certificate `/usr/local/etc/openldap/certs/cert.csr'. TLS: error:0909006C: PEM...
  20. jontheil

    Apache 2.4 errors on 12.0-RELEASE

    I have an installation of www/apache24 that have been running flawlessly for years. I made some changes (installed www/nextcloud, configured a nullfs etc.). After that, I haven't been able to start the web server with my usual configuration. When both mod_perl and mod_ssl are disabled, the...