On 10.10.2021 20.04, Spencer Olson wrote:
On Sun, Oct 10, 2021, 10:38 Timo Aaltonen <tjaal...@debian.org
<mailto:tjaal...@debian.org>> wrote:
On 10.10.2021 18.41, Spencer Olson wrote:
> Did some more investigation. I downloaded the packages that are
being
> used on centos stream 8. First I tried my test code with their
version
> of libssl3.so preloaded: it failed in the same way as all the
others
> failed--not surprisingly since its version is much later than the
3.39
> version where this changed.
>
> Then, I downloaded and took a look at "dogtag-submit" from the
CentOS
> Stream 8 (RedHat) certmonger package. As far as I can tell, their
> version of "dogtag-submit" is *not* linked against libcurl-nss.so
at all
> like the version on debian sid. Instead, all their certmonger
helper
> programs are linked against the OpenSSL version (libcurl.so.4).
>
> So, I think that we should just link these against the openssl
version,
> as the RedHat packages do and get things to work again.
Hmm, thanks.. indeed certmonger is still built against
libcurl4-nss-dev,
I've changed it to openssl now and see how it goes against gitlab CI..
Maybe the CI will finish before I can get back to my testing.
And it did, this error is fixed now :)
But it fails later on, so there's some work still to catch up with the
current distro, but at least this particular annoyance is resolved, so
many thanks for figuring it out! I was sure the reason was something
silly and related to the SSL stack (or maybe ciphers) but was blind to
see it.
--
t
