uname -a NetBSD ncti106.seqldn.com 9.0 NetBSD 9.0 (GENERIC) #0: Fri Feb 14 00:06:28 UTC 2020 [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC amd64 <mailto:[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC%2 0amd64>
openssl version (per NetBSD 9.0) OpenSSL 1.1.1d 10 Sep 2019 apachectl -v Server version: Apache/2.4.46 (Unix) Server built: Sep 26 2020 14:51:49 pkgin ls|grep -i apache-2 apache-2.4.46nb1 Apache HTTP (Web) server, version 2.4 pkgin pbd apache-2.4.46nb1 (or 2.2.46) ..snip BUILTIN_PKGS=expat-2.2.8 openssl-1.1.1g xz-5.2.4 zlib-1.2.10 (BUILTIN_PKGS for Apache 2.4.43 was BUILTIN_PKGS=expat-2.2.8 openssl-1.1.1d xz-5.2.4 zlib-1.2.10) grep -i /var/log/httpd/mod_ssl error_log.20201207 [Mon Dec 07 14:06:35.640890 2020] [ssl:warn] [pid 19017] AH01882: Init: this version of mod_ssl was compiled against a newer library (OpenSSL 1.1.1g 21 Apr 2020, version currently loaded is OpenSSL 1.1.1d 10 Sep 2019) - may result in undefined or erroneous behavior The above error is my issue. Perhaps I should have checked the requirements of the update before I installed it (pkgin fug) but (not being critical here) I would think that the package would advise me that required dependencies were not available and allow me some option to abort. This error is logged at startup; however, it does not appear to be causing any issues to date (installed Oct 2020) Can I replace mod_ssl with a version that does not require the more recent version of openssl. Should I update to the newer version of openssl? I think I tried doing that in the past but could never figure out how to get the system to use the installed package vs the version that came with NetBSD. My concern is that going forward my apache environment will eventually either break I won't be able to install update with the newer version. Looking for suggestions ( and perhaps a how-to on installation and configuration of the new version of openssl). Thanks
