Ok, Do you have a location where this alternative can be downloaded (at least we can document this, right?) That way we can point at the Wiki when this question pops up again. :-) Stefan Paetow Consultant, Trust and Identity t: +44 (0)1235 822 125 gpg: 0x3FCE5142 xmpp: stefanp@jabber.dev.ja.net skype: stefan.paetow.janet jisc.ac.uk Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800. On 30/03/2018, 18:28, "Freeradius-Users on behalf of Alan DeKok" <freeradius-users-bounces+stefan.paetow=jisc.ac.uk@lists.freeradius.org on behalf of aland@deployingradius.com> wrote: On Mar 30, 2018, at 1:22 PM, Stefan Paetow <Stefan.Paetow@jisc.ac.uk> wrote: > > Arran, Alan, thumbs-up to a v3.0.17. Can you just make sure that when you build the official packages, that you don't build against packages that are not available in either CentOS/RHEL 7 or EPEL 7 repos? I had hoped to deploy the official 3.0.16 package but it wanted a package that doesn't exist in any of the repos in question. The main issue is that RH has decided to move from OpenSSL to NSS. They've *partially* done the port. So libldap links to NSS, but other applications such as FreeRADIUS don't. Trying to use libldap+NSS with FreeRADIUS+OpenSSL is a recipe for disaster. NSS has an OpenSSL wrapper / compatibility layer. So that layer ends up "stealing" the OpenSSL functions from FreeRADIUS, and then everything crashes. As a result, we need to have FR link to a version of libldap that uses OpenSSL. Which RH doesn't distribute. If you're not using LDAP, this is mostly moot. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html