-
-
Notifications
You must be signed in to change notification settings - Fork 178
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot use Openssl 1.1.1f with netty-tcnative, we get UnsatisfiedLinkError: .. libssl.so.1.0.0 #551
Comments
You're using a dynamically linked version of |
I have the same problem with the newest version. Do you have any idea how to solve this? |
Depends what are you trying to solve... If it is enabling OpenSSL 1.1 specifically, than someone would have to contribute to the project. Due to breaking changes in OpenSSL API between 1.0 and 1.1, either another netty-tcnative version for dynamically linked OpenSSL 1.1 should be created, or some kind of adapter which could handle different API versions of the OpenSSL (but I'm not expert on JNI bindings at all, so that possibly makes no sense). |
Thanks for your reply. I have enabled TLSv1.3 successfully with netty-tcnative-boringssl-static. However, I still have some questions with enabling OpenSSL1.1.1 with netty-tcnative. I find the following post and merge: Is it means netty-tcnative in the maven cental repo is already support OpenSSL1.1.1? Or I have to compile netty-tcnative by myself with some configuration or change the code? |
Ok, you're right, JNI bindings are ready for it. In that case, as I understand: I can see two ways to solve that:
It would be interesting to get in touch with maintainer to get more information about the official build pipeline - which Dockerfile is used for official release.... and also about possible contribution with changes. |
Netty with OpenSSL 1.1.1 support is a bit tricky now I wanted to provide a few suggestions on how you can to get this working: First, make sure you have OpenSSL 1.1.1 installed from source in a custom location:
you are going to need to install apr as well:
Then when building netty-tcnative, set the compile flags to point the build to this custom OpenSSL:
This will make sure the headers and libraries are picked up from that prefix path.
Then basically all you need is to reference the locally built snapshot version in your application:
Hopefully that helps! Let me know if you'd like any clarification or have additional challenges with this approach! |
We have an application that uses netty to build a SSL context with Openssl as the SSL provider.
We are planning to upgrade from Openssl 1.1.0 to Openssl 1.1.1 to get the TLS 1.3 support.
So we tried setting up a server SSL context using OpenSSL 1.1.1 in a ubuntu 20.04 linux release and we are getting the below errors
Suppressed: java.lang.UnsatisfiedLinkError: /tmp/libnetty_tcnative6745395350932048529.so: libssl.so.1.0.0: cannot open shared object file: No such file or directory
The full stacktrace is here https://github.com/keshava88/netty-tcnative-with-openssl1.1.1f/blob/master/tls1.3/src/test/resources/stacktrace
also attached here
stacktrace.txt
The TLS server code is here (it is based on netty's secure chat example) https://github.com/keshava88/netty-tcnative-with-openssl1.1.1f/blob/master/tls1.3/src/main/java/tls/securechat/SecureChatServer.java
also attached here SecureChatServer.java.txt
The installed libraries in the ubuntu machine are below
Following are the netty dependencies i am using
What is that I am missing here? why is tcnative looking for libssl.so.1.0.0 , it should look for libssl1.1.so , right?
The text was updated successfully, but these errors were encountered: