Ubuntu Hardy LTS (8.04) and Nginx and Openssl

Hi,

I am having problems to use Nginx with the openssl version Ubuntu 8.04
server shipped.
See: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/395637
I use the Nginx backported version:
nginx_0.6.34-2ubuntu1~intrepid1_i386.deb (the 0.5.3 default version is
too old on Ubuntu therfor I use the backports for nginx).

When running a SSL virtual host I get:
SSL_CTX_set_tlsext_servername_callback() failed (SSL:)

As stated before, it is a bug in the OpenSSL version of Ubuntu Hardy…my
question is does anyone know how I can fix this and not using the
OpenSSL sources?
I want to use the debian/ubuntu repositories so I can easyily update and
upgrade my system…when I have to compile from source (esp openssl!) I
have to keep it up to date by compiling it and following the mailinglist
and take care of the dependency hell :frowning:
That is why I want to try to find a Ubuntu repository solution.
Does anyone know how I can fix the Openssl error with Nginx , Ubuntu and
Openssl?

Thanks for any help or tips.

Kind regards,

Michiel

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,7230,7230#msg-7230

On Wed, Sep 16, 2009 at 10:52:52AM -0400, xmichielx wrote:

I want to use the debian/ubuntu repositories so I can easyily update and upgrade my system…when I have to compile from source (esp openssl!) I have to keep it up to date by compiling it and following the mailinglist and take care of the dependency hell :frowning:
That is why I want to try to find a Ubuntu repository solution.
Does anyone know how I can fix the Openssl error with Nginx , Ubuntu and Openssl?

I think you may encounter this issue if you build nginx package on
a host where OpenSSL was built with enable-tlsext and then installed
the package on a host where OpenSSL Cwas built without enable-tlsext.

Hi Igor,

I got this problem with the repostiroy ubuntu 8.04 is offering me.
I used the old 0.5.* version but it is lacking a lot of features…so
then I installed the backported nginx version but that is lacking the
enable-tlsext.
How can I find out if the old debian ubuntu 8.04 hardy package is using
the enable-tlsext option? (but lacking other features) the one at:
http://packages.ubuntu.com/hardy/nginx ?

Kind regards,

Michiel

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,7230,7243#msg-7243

On Wed, Sep 16, 2009 at 12:16:55PM -0400, xmichielx wrote:

Hi Igor,

I got this problem with the repostiroy ubuntu 8.04 is offering me.
I used the old 0.5.* version but it is lacking a lot of features…so then I installed the backported nginx version but that is lacking the enable-tlsext.
How can I find out if the old debian ubuntu 8.04 hardy package is using the enable-tlsext option? (but lacking other features) the one at: http://packages.ubuntu.com/hardy/nginx ?

The attached patch does not stop nginx, now nginx will issue warning:
“nginx has linked dynamically to an OpenSSL library which was built
without tlsext support”.

I am having problems to use Nginx with the openssl version Ubuntu 8.04
server shipped.

I want to use the debian/ubuntu repositories so I can easyily update and
upgrade my system…when I have to compile from source (esp openssl!) I
have to keep it up to date by compiling it and following the mailinglist
and take care of the dependency hell :frowning:

I build the stable and devel versions of nginx for Ubuntu 8.04 LTS in my
PPAs, so you don’t have to. :slight_smile:

https://launchpad.net/~jdub/+archive/ppa (for 0.7.x)

https://launchpad.net/~jdub/+archive/devel (for 0.8.x)

I haven’t seen any SSL problems with these packages – they’re built on
and
for hardy.

  • Jeff

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs