On Apr 20, 2017, at 9:56 AM, Konstantin Knaab-Hinrichs via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
having trouble getting radiusd to work because of openssl:
CLI debugging:
root@$HOSTNAME:/etc/raddb# openssl version OpenSSL *1.0.2k* 26 Jan 2017 ... Debugger not attached Refusing to start with libssl version OpenSSL 1.0.1t 3 May 2016 0x1000114f (1.0.1t release) (in range 1.0.1 release - 1.0.1t rule)
You have multiple versions of OpenSSL installed on your system. Don't do that. FreeRADIUS doesn't magically detect OpenSSL 1.0.1t when you actually have 1.0.2k installed. It detects 1.0.1t because 1.0.1t *is* installed, and *is* being used by FreeRADIUS.
Do I have to recompile FreeRADIUS after a new installation of OpenSSL?
Yes. Because of historic issues with OpenSSL breaking their APIs in minor releases. OpenSSL is fixing their APIs. We will likely relax this check for OpenSSL 1.1.0 and later. Alan DeKok.