1. Petr Fischer

    Solved Building nginx in a jail with ssl=base (without openssl port dependency)

    Hello, I am trying to build nginx from ports, but I don't want dependency to openssl from ports. I want "base" FreeBSD openssl. Default nginx package has no dependency to external openssl package. I am building in a jail. I have this in make.conf: WRKDIRPREFIX= /var/ports DISTDIR=...

    Solved FreeBSD 11.2 - OpenSSL without AESNI?

    user@gt:~ % openssl version OpenSSL 1.0.2k-freebsd 26 Jan 2017 user@gt:~ % openssl speed -evp aes-256-gcm -engine aesni invalid engine "aesni" 34380834184:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared...
  3. bibi

    percona56-server with TLSv1.2

    Hello, I have tried installing percona56-server from the ports with the OpenSSL option checked ( as it is by default ) and I have completed the SSL setup and get everything to work properly except that I am stuck with TLSv1. mysql> \s; -------------- mysql Ver 14.14 Distrib 5.6.33-79.0...
  4. jbodenmann

    Python OpenSSL versioning issue

    Hello folks, I'm trying to run security/py-certbot on a FreeBSD 10.3 stable jail. When I try to launch it I get the following messages: root@nope:~ # certbot Traceback (most recent call last): File "/usr/local/bin/certbot", line 11, in <module> load_entry_point('certbot==0.9.3'...
  5. timypcr

    openssl-1.0.2_15,1 is vulnerable

    I have two FreeBSD 10.3 servers an audit shows the following pkg audit openssl-1.0.2_15,1 is vulnerable: OpenSSL -- multiple vulnerabilities CVE: CVE-2016-6308 CVE: CVE-2016-6307 CVE: CVE-2016-6306 CVE: CVE-2016-2181 CVE: CVE-2016-2179 CVE: CVE-2016-2178 CVE: CVE-2016-2177 CVE: CVE-2016-2180...
  6. A

    Solved OpenSSL/1.0.2f breaks php56/curl

    Hi, Problem occurs after update from OpenSSL/1.0.2d to OpenSSL/1.0.2f. Here is script: <?php $url = ''; $timeout = 50; $ch = curl_init($url); curl_setopt($ch, CURLOPT_VERBOSE, true); curl_setopt($ch...
  7. karolyi

    postfix breaking with security/openssl

    hHey, jJust wanted to document here that: Git package depends on security/openssl, and security/openssl breaks postfix/smtp. yYou'll get segfaults from 'postfix/smtp' when using it with security/openssl, and SOME emails won't get delivered, depending on the ssl implementation your server wants...
  8. G

    Solved Invalid signature using freebsd-update

    First of all, I checked this thread. Since the thread was old and it doesn't solve my problem, I decided to make a new thread. (I'm not sure if that is accepted behavior or not, being new to the forum.)
  9. R

    [OpenSSL] /etc/ssl/cert.pem not honoured by default

    I have a FreeBSD 10.1 installation with security/ca_root_nss installed (with ETCSYMLINK). /etc/make.conf contains WITH_OPENSSL_BASE="YES", the port (security/openssl) is not installed. /etc/ssl/cert.pem points to /usr/local/share/certs/ca-root-nss.crt, which contains the CA certificates as...
  10. icecoke

    WITH_OPENSSL_PORT=yes not respected by all ports

    On a 10.1p19 (and other earlier Versions) I'm trying to have the latest security/openssl port to be used instead of the slightly older base openssl. But it seems all settings I use, do not achieve this with all ports /etc/make.conf: WITH_OPENSSL_PORT=yes OPENSSLBASE=/usr/local Even after a...
  11. W

    OpenSSL Certificates for Dovecot and Postfix

    Hey guys, Someone have an tutorial teaching how to get SSL DHE-RSA-AES256-SHA working for Dovecot and Postfix? I did the Certificate key using: openssl ecparam -genkey -name secp384r -out usr/local/etc/ssl/private/ Then the Certificate Sign Request: openssl req -new...