[openssl-users] [openssl-dev] Openssl 1.1 and Bind 9.6 ESV R11

Viktor Dukhovni openssl-users at dukhovni.org
Wed Jan 20 18:20:07 UTC 2016

On Wed, Jan 20, 2016 at 11:05:58AM -0700, The Doctor wrote:

> > The bind code is what needs to be adjusted, given that openssl 1.1 is
> > intentionally introducing API changes and removing direct access to many
> > structures.  It seems quite unlikely that an EoL version of a
> > third-party software is going to magically receive a new release
> > allowing it to build against a version of openssl that did not exist
> > when it was released.
> That's my issue.  I cannot get a more recent bind version to stay 
> to stable on one box.

Bind 9.10 works fine for me, but I use it only as an authoritative
server.  My recursive resolver is "unbound".  And I make sure to
build both without GOST support.

If BIND is not reliable enough for you, consider some combination
"unbound" and/or "nsd".


More information about the openssl-users mailing list