Confusion Configuring

Dr. Matthias St. Pierre Matthias.St.Pierre at ncp-e.com
Sat Dec 18 08:19:38 UTC 2021 

For OpenSSL 3.0, it's better to use  util/wrap.pl instead.

(Note: util/wrap.pl is created from util/wrap.pl.in by the Configure command)

> -----Original Message-----
> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Dr. Matthias St. Pierre
> Sent: Saturday, December 18, 2021 9:11 AM
> To: Hal Murray <halmurray+openssl at sonic.net>; openssl-users at openssl.org
> Subject: RE: Confusion Configuring
>
> Hal,
>
> > But when I run
> >   ./apps/openssl version -d
> > it says:
> >   OPENSSLDIR: "/usr/local/ssl"
> > I was expecting /etc/pki/tls from the Configure line above.
> >
> > What am I missing?  How do I tell it where to find the default certificates?
>
> It is very likely that your binary is actually loading the system's shared libraries instead of
> the ones you just compiled. You can verify whether this using the `ldd` command, see below.
>
> There is a shared library wrapper called `shlib_wrap.sh` which can be used to run
> the compiled application correctly without installing it:
>
> ## incorrect (without wrapper)
> msp at msppc:~/src/openssl-1.1.1$ apps/openssl version -d
> OPENSSLDIR: "/etc/ssl"
>
> ## correct (using the wrapper)
> msp at msppc:~/src/openssl-1.1.1$ util/shlib_wrap.sh apps/openssl version -d
> OPENSSLDIR: "/opt/openssl-1.1.1-dev/ssl"
>
> HTH,
>
> Matthias
>
>
>
>
> ## ldd output without wrapper
>
> msp at msppc:~/src/openssl-1.1.1$ ldd apps/openssl
>         linux-vdso.so.1 (0x00007fff05b81000)
>         libssl.so.1.1 => /usr/lib64/libssl.so.1.1 (0x00007f6e46ade000)
>         libcrypto.so.1.1 => /usr/lib64/libcrypto.so.1.1 (0x00007f6e46820000)
>         libdl.so.2 => /lib64/libdl.so.2 (0x00007f6e4681a000)
>         libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f6e467fa000)
>         libc.so.6 => /lib64/libc.so.6 (0x00007f6e46641000)
>         /lib64/ld-linux-x86-64.so.2 (0x00007f6e46c5d000)
>
> ## ldd output using the wrapper
>
> msp at msppc:~/src/openssl-1.1.1$ util/shlib_wrap.sh ldd apps/openssl
>         linux-vdso.so.1 (0x00007ffd2032e000)
>         libssl.so.1.1 => util/../libssl.so.1.1 (0x00007f4a34aeb000)
>         libcrypto.so.1.1 => util/../libcrypto.so.1.1 (0x00007f4a347a2000)
>         libdl.so.2 => /lib64/libdl.so.2 (0x00007f4a34785000)
>         libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f4a34765000)
>         libc.so.6 => /lib64/libc.so.6 (0x00007f4a345ac000)
>         /lib64/ld-linux-x86-64.so.2 (0x00007f4a34c78000)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 7448 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20211218/560d3eb4/attachment-0001.bin>

More information about the openssl-users mailing list