Compiling bind 9.17.15 with alternate OpenSSL library
Eric Germann
ekgermann at semperen.com
Mon Jul 5 16:24:04 UTC 2021
I’m in the process of building a custom version of bind with DoH and would also like to add DNSSEC algorithm 15 for experimental purposes
DoH works just fine on the servers I have configured.
My “configure" command is
./configure --with-openssl=../openssl-1.1.1k --with-libxml2 --with-json-c --disable-dnstap --enable-fixed-rrset --enable-querytrace --sysconfdir=/etc/namedb
When I override the SSL library, it doesn’t pick it up. It uses the system library of 1.0.2k-fips from the system (Centos 7 10.0-1160.25.1.el7.x86_64 #1 SMP Wed Apr 28 21:49:45 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux)
I know when I build nginx, I can override the SSL library by pointing to the OpenSSL directory and it shows and functions with the correct library (1.1.1k).
I’ve built OpenSSL in the directory spec’d in the config line, but haven’t done a “make install” because it will trash the system.
Is there anyway to build against 1.1.1k without doing a “make install” on the newer OpenSSL library?
Thanks
---
Eric Germann
ekgermann {at} semperen {dot} com || ekgermann {at} gmail {dot} com
LinkedIn: https://www.linkedin.com/in/ericgermann
Twitter: @ekgermann
Telegram || Signal || Phone +1 {dash} 419 {dash} 513 {dash} 0712
GPG Fingerprint: 89ED 36B3 515A 211B 6390 60A9 E30D 9B9B 3EBF F1A1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210705/fb138f79/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210705/fb138f79/attachment.bin>
More information about the bind-users
mailing list