[Pkg-openssl-devel] Bug#876403: Ship ct_log_list.cnf so -ct works
Josh Triplett
josh at joshtriplett.org
Thu Sep 21 23:42:16 UTC 2017
On Thu, Sep 21, 2017 at 11:16:33PM +0200, Sebastian Andrzej Siewior wrote:
> On 2017-09-21 12:03:19 [-0700], Josh Triplett wrote:
> > Attempting to use "openssl s_client -ct" produces this error:
> >
> > 139776622486784:error:02001002:system library:fopen:No such file or directory:../crypto/bio/bss_file.c:74:fopen('/usr/lib/ssl/ct_log_list.cnf','rb')
> > 139776622486784:error:2006D080:BIO routines:BIO_new_file:no such file:../crypto/bio/bss_file.c:81:
> > 139776622486784:error:0E078072:configuration file routines:def_load:no such file:../crypto/conf/conf_def.c:150:
> > 139776622486784:error:3207B06D:CT routines:CTLOG_STORE_load_file:log conf invalid:../crypto/ct/ct_log.c:207:
> >
> > Please ship an appropriate /usr/lib/ssl/ct_log_list.cnf .
>
> I have no idea what to do. So current 1.1.0f has a ct_log_list.cnf which
> has some entries and we could ship. However master has now an empty file
> since
> https://github.com/openssl/openssl/commit/c7af65c7b28db13d39bb24f44730bf0293355e94
> so I *think* you would need to edit that file anyway (not now but in a
> further release). So as user you would probably want to use
> -ctlogfile infile
> instead.
> Any ideas?
I would suggest shipping the file that results from following the
comments there, and keeping it up to date.
More information about the Pkg-openssl-devel
mailing list