[openssl-users] 1.0.1 upgrade issue

Mike Collins mikec1404 at gmail.com
Fri Feb 13 15:29:41 UTC 2015


I am upgrading an embedded linux board's BSP from 1.0.0m to 1.0.1l due to a
requirement for TLS v1.1. Version 1.0.1 will cross compile without errors
using my 1.0.0 configuration but I have identified the following errors on
the board (so far) with the build using 1.0.1:
1.) Cannot create a RSA key
2.) Trying to connect to the board's Lighttpd web server via https will
timeout with PKCS #11 error
3.) Curl https POST calls fail with RSA padding error.

Board has a ARM926EJ based processor and I am using a Codesourcery Lite
toolchain. Configure settings (besides --prefix, etc) are shared, no-asm,
linux-generic32, no-ssl2. All the other packages on the board have been
rebuilt against the new openssl version.

I am looking at the key creation first since that may be causing the other
issues. If I try to create a key from the board command line using "openssl
genrsa -out testkey.pem 2048" I get a response of "Generating RSA private
key, 2048 bit long modulus". At this point it seems to get stuck in a loop;
I am seeing the progress indicators (".") but it will never finish creating
the key. I have let it run 10-15 minutes without completion; it just keeps
displaying successive progress indicators. I can do Ctrl-C and it will
exit.

I don't think so but are there any dependency changes from 1.0.0 to 1.0.1?

I noticed 1.0.2 has been released so tried that as well but have the same
result as 1.0.1

Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150213/00203f25/attachment.html>


More information about the openssl-users mailing list