Crypto failure Issues
Stewart, Larry C Sr CTR DISA JITC (US)
larry.c.stewart.ctr at mail.mil
Mon Jul 27 18:05:00 UTC 2015
Thank you that was the trick. What impact does that have on crypto operations used by BIND?
Larry Stewart, CISSP
Contractor - ManTech
Network Engineer
Office: 520-538-4227
DSN: 879-4227
Cell phone: 520-227-8251
larry.c.stewart.ctr at mail.mil
-----Original Message-----
From: Tony Finch [mailto:fanf2 at hermes.cam.ac.uk] On Behalf Of Tony Finch
Sent: Monday, July 27, 2015 8:27 AM
To: Stewart, Larry C Sr CTR DISA JITC (US)
Cc: bind-users at lists.isc.org
Subject: Re: Crypto failure Issues
Stewart, Larry C Sr CTR DISA JITC (US) <larry.c.stewart.ctr at mail.mil> wrote:
> I am having issues with bind failing to start due to a crypto failure
> when I compile with the --with-openssl option when I have openssl
> version 1.0.2d or 1.0.2c
>
> Is anyone aware of any compatibility issues between bind and openssl
> version 1.0.2? I have no issues when I use openssl version 0.9.8zf.
This sounds like the GOST problem. Try building BIND with
./configure --without-gost or copy the OpenSSL GOST engine shared object
into your chroot.
e.g. https://lists.isc.org/pipermail/bind-users/2014-June/093450.html
http://gnats.netbsd.org/48658
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Tyne, Dogger, Fisher: Northeast 5 or 6 backing north 4 or 5, but cyclonic at
first in Dogger. Moderate. Rain or showers. Moderate or good.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5605 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150727/8bcda79c/attachment.bin>
More information about the bind-users
mailing list