bind-9.10.1,openssl-1.0.1h,softhsm-1.3.7 build problems

sibu sibxol at btconnect.com
Thu Oct 9 13:56:38 UTC 2014 

Greetings,

I am trying to compile bind-0.10.1 for use with softhsm-1.3.7 and 
openssl-1.0.1h.  My computer has these:-
--os linux 64bit cblfs
--CPU amd64

I followed the instructions  for building bind-9.10.1 given here:-
( https://kb.isc.org/article/AA-01031 )
- i.e. for the build of openssl-1.0.1h I used the patch for openssl-1.0.1h  
(bundled  in /bin/pkcs11 of the 
bind-9.10.1 archive.  For this I passed these to configure -:-

./Configure linux-x86_64 \
-pthread \
--with-pkll-libname=/opt/dns/usr/lib/softhsm/libsofthsm.so \
--with-pk11-flavor=sign-only \
--prefix=/opt/dns/usr

no patching-errors, nor make-errors  nor test-errors were reported.
HOWEVER when executing the  diagnostic tests for  correctly built openssl
ie. 'apps/openssl engine pkcs11'  this happens:-

#-------------------------------------------------
WARNING: can't open config file: /opt/dns/usr/ssl/openssl.cnf
139752258475688:error:25066067:DSO support routines:DLFCN_LOAD:could not load 
the shared 
library:dso_dlfcn.c:187:filename(/opt/dns/usr/lib/engines/libpkcs11.so): 
/opt/dns/usr/lib/engines/libpkcs11.so: cannot open shared object file: No such 
file or directory
139752258475688:error:25070067:DSO support routines:DSO_load:could not load 
the shared library:dso_lib.c:244:
139752258475688:error:260B6084:engine routines:DYNAMIC_LOAD:dso not 
found:eng_dyn.c:450:
139752258475688:error:2606A074:engine routines:ENGINE_by_id:no such 
engine:eng_list.c:418:id=pkcs11
#-------------------------------------------------

I have no reference to  /opt/dns/usr/lib/engines/libpkcs11.so  in the 
./Configure options and  the reference to  
/opt/dns/usr/lib/softhsm/libsofthsm.so seems to have been  ignored 

I also tied setting the  envars:-
SOFTHSM_CONF=/opt/dns/softhsm.conf
LD_LIBRARY_PATH=/opt/dns/usr/lib/softhsm:${LD_LIBRARY_PATH}
before executing 'apps/openssl engine pkcs11'  command
but these made no difference.


Advice will be appreciated

sincerely
sibuXolo

ps I posted yesterday but  did not see my mail returned so I figured the list-
mailserver  was unwell

More information about the bind-users mailing list