how include libressl to Apache server? good would be returned like Experimental or without ;D, Apache with Libressl.
Apache broke compiling with LibreSSL when it became compatible with OpenSSL 1.1.0. It's been supposedly remedied but I haven't had time to check.
I had the time yesterday with the site being down all day to give this a go.
Good News: It worked and I have Apache 2.4.29 with LibreSSL 2.6.2 both x86 & x64.
Bad News: I cannot find my package creating script at the moment so I have to get out my old laptop and dig through it to get it back.
Once I find it I'll package these up and make them available for download and announce. I hope I do not have to recreate my packaging script but if I do, it may take a couple days to get these up.
Thanks! ;)LibreSSL 2.6.2 it development release, it safe for use?)
Ah, forgot to check that. Yes it is the development branch.
I have a tool that watches http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ for changes, unfortunately that will not tell me if it's a dev branch. I guess I'll have to do LibreSSL differently.
I can do builds with 2.5.5 in a couple days.
Is anyone else getting this message "C:/Apache/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: The specified module could not be found." when they install and attempt to run Apache 2.4.29 w/LibreSSL 2.6.2?
I have tried it on 2 different machines with no luck :'(
Yeah, I have on my server. It runs on both my laptop and my desktop but not in the server.
With LibreSSL 2.5.5 it works fine on the server, so I dunno, must be a problem w/ 2.6.2.
Anyhow, I'll put up the 2.5.5 now and remove the 2.6.2.
LibreSSL make new release 2.6.3. Maybe there was fixed bugs 2.6.2 with loading mod_ssl
2.6.3 is listed as stable now so we will see.
Sorry it has taken me so long to get to this. Yes, 2.6.3 builds and they are on our download page (http://www.apachehaus.com/cgi-bin/download.plx).
Awesome job
yay) thanks)
Invalid command 'SSLOpenSSLConfCmd'... command was delete or rename?
Well this is an Apache Directive (http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslopensslconfcmd) that notes OpenSSL 1.0.2 and higher. So with that in mind;
If the directive works on 2.4.29/Libressl 2.5.5, chances are whatever part of LRE's API was removed by LRE that supports this Apache directive. This would not be a surprise since there is a slimming down of the library of "unneeded code" so they deem almost every release.
Or
If the directive doesn't work on 2.4.29/Libressl 2.5.5, it's probably because LRE was forked from OpenSSL 1.0.1 and what of OpenSSL 1.0.2 is needed for the directive has never been added to LRE.
thanks for answer. i asked LRE developers(https://github.com/libressl-portable/portable/issues/367), as i understand mod_ssl should have options for curves and ECDHParametres.
The key word there is "should," evidently not.
I think kinichiro's answer was spot on.
You might want to file a bug report about it in Apache's bugzilla (https://bz.apache.org/bugzilla/index.cgi), somebody with a bigger brain than me might be able to either get it working or tell you why they will not get it working.
I would imagine OpenBSD's httpd does since LibreSSL is from the same folks. nginx seem to also have the kitchen sink added to it, even if it's not standardized (TLS/1.3 for one).
Of note: Apache has never claimed to support LibreSSL, it just support the OpenSSL that LibreSSL was forked from. That unfortunately was 1.0.1.
Thanks for answer!