Print

[long76]

how include libressl to Apache server? good would be returned like Experimental or without , Apache with Libressl.

[Gregg]

Apache broke compiling with LibreSSL when it became compatible with OpenSSL 1.1.0. It's been supposedly remedied but I haven't had time to check.

[Gregg]

I had the time yesterday with the site being down all day to give this a go.

Good News: It worked and I have Apache 2.4.29 with LibreSSL 2.6.2 both x86 & x64.
Bad News: I cannot find my package creating script at the moment so I have to get out my old laptop and dig through it to get it back.

Once I find it I'll package these up and make them available for download and announce. I hope I do not have to recreate my packaging script but if I do, it may take a couple days to get these up.

[long76]

Thanks! ;)LibreSSL 2.6.2 it development release, it safe for use?)

[Gregg]

Ah, forgot to check that. Yes it is the development branch.

I have a tool that watches http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ for changes, unfortunately that will not tell me if it's a dev branch. I guess I'll have to do LibreSSL differently.

I can do builds with 2.5.5 in a couple days.

[DnvrSysEngr]

Is anyone else getting this message "C:/Apache/conf/httpd.conf: Cannot load modules/mod_ssl.so into server: The specified module could not be found." when they install and attempt to run Apache 2.4.29 w/LibreSSL 2.6.2?

I have tried it on 2 different machines with no luck 

[Gregg]

Yeah, I have on my server. It runs on both my laptop and my desktop but not in the server.
With LibreSSL 2.5.5 it works fine on the server, so I dunno, must be a problem w/ 2.6.2.

Anyhow, I'll put up the 2.5.5 now and remove the 2.6.2.

[long76]

LibreSSL make new release 2.6.3. Maybe there was fixed bugs 2.6.2 with loading mod_ssl

[Gregg]

2.6.3 is listed as stable now so we will see.

[Gregg]

Sorry it has taken me so long to get to this. Yes, 2.6.3 builds and they are on our download page.

[mario]

Awesome job

[long76]

yay) thanks)

[long76]

Invalid command 'SSLOpenSSLConfCmd'... command was delete or rename?

[Gregg]

Well this is an Apache Directive that notes OpenSSL 1.0.2 and higher. So with that in mind;

If the directive works on 2.4.29/Libressl 2.5.5, chances are whatever part of LRE's API was removed by LRE that supports this Apache directive. This would not be a surprise since there is a slimming down of the library of "unneeded code" so they deem almost every release.

Or

If the directive doesn't work on 2.4.29/Libressl 2.5.5, it's probably because LRE was forked from OpenSSL 1.0.1 and what of OpenSSL 1.0.2 is needed for the directive has never been added to LRE.

[long76]

thanks for answer. i asked LRE developers(https://github.com/libressl-portable/portable/issues/367), as i understand mod_ssl should have options for curves and ECDHParametres.