Hi Team,
I'm compiling OpenLDAP 2.5.13 on CentOS 7 & OpenSSL 1.1.1g is already installed & below is the command. ./configure --prefix=/opt/deployment/openldap_v13 --sysconfdir=/opt/deployment/openldap_v13/etc --localstatedir=/opt/deployment/openldap_v13/var --libexecdir=/opt/deployment/openldap_v13/libexec --enable-overlays=mod --enable-modules --enable-accesslog --enable-auditlog --enable-collect --enable-memberof --enable-syncprov --with-tls=openssl --enable-dynamic --enable-crypt --enable-slapd --enable-rlookups --disable-perl --enable-ppolicy --enable-backends=mod --disable-ndb --disable-sql --disable-shell --disable-bdb --disable-hdb
I'm getting the below error of OpenSSL.
checking for openssl/ssl.h... yes checking for SSL_export_keying_material_early in -lssl... no configure: error: Could not locate TLS/SSL package
Could you please suggest how to fix this issue.
Thanks, Vijay
On Tue, Aug 9, 2022 at 10:32 AM vmaidarkar@gmail.com wrote:
Hi Team,
I'm compiling OpenLDAP 2.5.13 on CentOS 7 & OpenSSL 1.1.1g is already installed & below is the command. ./configure --prefix=/opt/deployment/openldap_v13 --sysconfdir=/opt/deployment/openldap_v13/etc --localstatedir=/opt/deployment/openldap_v13/var --libexecdir=/opt/deployment/openldap_v13/libexec --enable-overlays=mod --enable-modules --enable-accesslog --enable-auditlog --enable-collect --enable-memberof --enable-syncprov --with-tls=openssl --enable-dynamic --enable-crypt --enable-slapd --enable-rlookups --disable-perl --enable-ppolicy --enable-backends=mod --disable-ndb --disable-sql --disable-shell --disable-bdb --disable-hdb
I'm getting the below error of OpenSSL.
checking for openssl/ssl.h... yes checking for SSL_export_keying_material_early in -lssl... no configure: error: Could not locate TLS/SSL package
Could you please suggest how to fix this issue.
prefix=/opt/deployment/openldap_v13 is not enough to pick up OpenSSL 1.1.
OpenSSL provides package configuration information. Try setting PKG_CONFIG_PATH before invoking configure.Something like:
# prefix is the location you are installing updated packages # In your case it looks like /opt/deployment/openldap_v13 export PKG_CONFIG_PATH=${prefix}/lib/pkgconfig ./configure --prefix=/opt/deployment/openldap_v13 ...
If you don't set PKG_CONFIG_PATH, then you probably need to set the path to headers and libraries in CFLAGS and LDFLAGS.
Jeff
I guess you need to install the development package of OpenSSL on CentOS 7, the "regular" one won't do it. Double check that.
Besides that, I suggest quitting using CentOS 7: look for Rocky Linux and AlmaLinux.
On 09/08/2022 03:01, vmaidarkar@gmail.com wrote:
Hi Team,
I'm compiling OpenLDAP 2.5.13 on CentOS 7 & OpenSSL 1.1.1g is already installed & below is the command. ./configure --prefix=/opt/deployment/openldap_v13 --sysconfdir=/opt/deployment/openldap_v13/etc --localstatedir=/opt/deployment/openldap_v13/var --libexecdir=/opt/deployment/openldap_v13/libexec --enable-overlays=mod --enable-modules --enable-accesslog --enable-auditlog --enable-collect --enable-memberof --enable-syncprov --with-tls=openssl --enable-dynamic --enable-crypt --enable-slapd --enable-rlookups --disable-perl --enable-ppolicy --enable-backends=mod --disable-ndb --disable-sql --disable-shell --disable-bdb --disable-hdb
I'm getting the below error of OpenSSL.
checking for openssl/ssl.h... yes checking for SSL_export_keying_material_early in -lssl... no configure: error: Could not locate TLS/SSL package
Could you please suggest how to fix this issue.
Thanks, Vijay
On Tue, Aug 9, 2022 at 10:52 AM Alceu Rodrigues de Freitas Junior glasswalk3r@yahoo.com.br wrote:
I guess you need to install the development package of OpenSSL on CentOS 7, the "regular" one won't do it. Double check that.
Besides that, I suggest quitting using CentOS 7: look for Rocky Linux and AlmaLinux.
+1. The antique software provided in Red Hat and CentOS is maddening nowadays. It causes more trouble than its worth. And the workarounds, like enabling SCL, are just as bad. Systemd completely ignores the SCL environment which causes all kinds of obscure problems, like version problems for shared objects.
I now use Fedora Server. You get all the Red Hat processes plus up-to-date software. The downside is you need to run dnf-system-upgrade [1] twice a year due to Fedora's cadence. I have been using dnf-system-upgrade for about a decade and have never encountered trouble.
[1] https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/
Jeff
Hi Alceu,
I couldn't find development package of OpenSSL, could u share me the link to download the same.
--On Tuesday, August 16, 2022 8:11 AM +0000 vmaidarkar@gmail.com wrote:
Hi Alceu,
I couldn't find development package of OpenSSL, could u share me the link to download the same.
OpenLDAP 2.5+ require OpenSSL 1.1 series or later. CentOS7, your chosen environment, does not include ship the OpenSSL 1.1 series. You have to install the EPEL repo on CentOS7 if you need to build OpenLDAP on that platform, and you'll need to install the development package from there as well.
Better would be to deploy AlmaLinux 8 or AlmaLinux 9 if you want to stay on an RedHat like environment, as they ship current OpenSSL releases.
Regards, Quanah
--On Tuesday, August 16, 2022 8:18 AM -0700 Quanah Gibson-Mount quanah@fast-mail.org wrote:
--On Tuesday, August 16, 2022 8:11 AM +0000 vmaidarkar@gmail.com wrote:
Hi Alceu,
I couldn't find development package of OpenSSL, could u share me the link to download the same.
OpenLDAP 2.5+ require OpenSSL 1.1 series or later. CentOS7, your chosen environment, does not include ship the OpenSSL 1.1 series. You have to install the EPEL repo on CentOS7 if you need to build OpenLDAP on that platform, and you'll need to install the development package from there as well.
Better would be to deploy AlmaLinux 8 or AlmaLinux 9 if you want to stay on an RedHat like environment, as they ship current OpenSSL releases.
Note: I saw you said that "OpenSSL 1.1.1g" is installed -
Where is it installed? How was it installed?
If you built and installed OpenSSL 1.1 yourself, you need to tell OpenLDAP where to find it before it can compile.
Regards, Quanah
openldap-technical@openldap.org
-
Alceu Rodrigues de Freitas Junior -
Jeffrey Walton -
Quanah Gibson-Mount -
vmaidarkar@gmail.com