Application I use requires OpenSSL 0.9.8, which was already installed (0.9.8e to be specific) on my CentOS alongside 1.0.1e which unfortunately is used by default. I tried to change libssl.so.10
symbolic link to point to the older version like so:
[mckulpa@nuance-vm ~]$ ldd /usr/bin/openssl
/usr/bin/openssl: /usr/lib64/libssl.so.10: no version information available (required by /usr/bin/openssl)
linux-vdso.so.1 => (0x00007fff2edff000)
libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f664457c000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x0000003927600000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x0000003926200000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x0000003925a00000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x0000003926e00000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x0000003927200000)
libdl.so.2 => /lib64/libdl.so.2 (0x000000391a600000)
libz.so.1 => /lib64/libz.so.1 (0x000000391aa00000)
libc.so.6 => /lib64/libc.so.6 (0x0000003919e00000)
libcrypto.so.6 => /usr/lib64/libcrypto.so.6 (0x00007f664421d000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x0000003925e00000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x0000003926a00000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x000000391be00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x000000391a200000)
/lib64/ld-linux-x86-64.so.2 (0x0000003919600000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x000000391b600000)
[mckulpa@nuance-vm ~]$ export LD_LIBRARY_PATH=~/libs:$LD_LIBRARY_PATH
[mckulpa@nuance-vm ~]$ echo $LD_LIBRARY_PATH
/home/mckulpa/libs:/usr/local/Nuance/Recognizer_Service/amd64/lib:/usr/local/Nuance/OAM/x86/lib:/usr/local/Nuance/Common/x86/lib:/usr/local/Nuance/Common/amd64/lib
[mckulpa@nuance-vm ~]$ ldd /usr/bin/openssl
/usr/bin/openssl: /home/mckulpa/libs/libssl.so.10: no version information available (required by /usr/bin/openssl)
linux-vdso.so.1 => (0x00007fff91dbc000)
libssl.so.10 => /home/mckulpa/libs/libssl.so.10 (0x00007ffe1af50000)
libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x0000003927600000)
libkrb5.so.3 => /lib64/libkrb5.so.3 (0x0000003926200000)
libcom_err.so.2 => /lib64/libcom_err.so.2 (0x0000003925a00000)
libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x0000003926e00000)
libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x0000003927200000)
libdl.so.2 => /lib64/libdl.so.2 (0x000000391a600000)
libz.so.1 => /lib64/libz.so.1 (0x000000391aa00000)
libc.so.6 => /lib64/libc.so.6 (0x0000003919e00000)
libcrypto.so.6 => /usr/lib64/libcrypto.so.6 (0x00007ffe1abd9000)
libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x0000003925e00000)
libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x0000003926a00000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x000000391be00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x000000391a200000)
/lib64/ld-linux-x86-64.so.2 (0x0000003919600000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x000000391b600000)
[mckulpa@nuance-vm ~]$ ls -l libs
total 316
-rwxr-xr-x. 1 mckulpa mckulpa 321224 05-28 14:59 libssl.so.0.9.8e
lrwxrwxrwx. 1 mckulpa mckulpa 16 05-28 15:18 libssl.so.10 -> libssl.so.0.9.8e
but all I get is a warning and still the 1.0.1e version is printed out:
[mckulpa@nuance-vm ~]$ openssl version
openssl: /home/mckulpa/libs/libssl.so.10: no version information available (required by openssl)
OpenSSL 1.0.1e-fips 11 Feb 2013
Any ideas how to do this properly?
Best Answer
Your application needs the 0.9.8 openssl -- but does it need the 0.9.8 openssl executable, or the 0.9.8 library? (Is it trying to run openssl, or link against it?)
The CentOS openssl098e package is a "A compatibility version of a general cryptography and TLS library", and will install the libraries only - it will not install the 0.9.8 executable.
Run ldd against your application to see whether it's linking in one of the openssl libraries (libssl and libcrypto). To see what your application is trying to run, you can strace it with
strace -fo /tmp/strace.out
and look for the execv lines.If your application needs the openssl executable, you'd need to recompile the 0.9.8 package for CentOS 6.
If your application needs the openssl library, then verify whether you need the x86_64 or i686 version, with
ldd application
. If it's looking in /lib64, thenyum install yum install openssl098e.x86_64
. If it's looking in /lib thenyum install openssl098e.i686
.