[root@sys-214-29 conf-basic-5.3.2]# confd /home/rdhanapa/confd-basic-5.3.2.linux.x86_64/conf-basic-5.3.2/etc/confd/confd.conf:0: cannot dynamically link with libcrypto shared library
Daemon died status=21
[root@sys-214-29 conf-basic-5.3.2]# cat /etc/os-release
NAME=“Red Hat Enterprise Linux Server”
PRETTY_NAME=“Red Hat Enterprise Linux”
REDHAT_BUGZILLA_PRODUCT=“Red Hat Enterprise Linux 7”
REDHAT_SUPPORT_PRODUCT=“Red Hat Enterprise Linux”
When ConfD is built, it has a dependency on OpenSSL 1.0.0. If your system has a version other than this, then you simply need to rebuild a pair of libraries. There is a description of how to handle in this in the Installation category of the forum in the topic found here: Using a Different Version of OpenSSL
There is currently a known problem using libcrypto from OpenSSL 1.0.2 with ConfD 5.4. The fix for this problem will be in the next release of ConfD Basic in June. Until then, you should use either OpenSSL 1.0.0 or 1.0.1 with ConfD Basic 5.4.
If you have a requirement to use OpenSSL 1.0.0r, you will need to follow the instructions at Using a Different Version of OpenSSL to rebuild libconfd and the crypto interface module, and replace the versions in the ConfD release build. Otherwise, you will need to install a compatible version, OpenSSL 1.0.0 for all ConfD releases of Linux systems, on your system.
I’m trying to follow re-compile instructions in this thread to re-compile for newer libconfd.so and crypto.so using my openssl (0.9.8y) on power-pc-linux platform.
My re-compiles are successful but am still getting the “cannot dynamically link with libcrypto…” message upon confd startup.
I did cross-platform compile of libconfd.so and crypto.so using the makefiles given in the zip. My target is linux powerpc and build host is linux i686.
I’m sure my PATH and LD_LIBRARY_PATH are correct and there seems no confusion about which libcrypto is getting picked at runtime.
Q. Is there something different about the pre-built powerpc-linux version of confd binary vs confd for i686? Is there something I could be missing to cause the error. Thanks for help.
%confd -c confd.conf --addloadpath /export/hydra/home/qamar/netconf/Linux-ppc2020/confd-5.4/etc/confd
Bad configuration: confd.conf:0: cannot dynamically link with libcrypto shared library
Daemon died status=21
P.S I have successfully done similar re-compile exercise on my linux-686 platform to again use openssl 0.9.8y - and that went just fine and confd server was well up and running.
When I moved to new centos7.4, we got openssl 1.0.2k where as our confd was previously working with openssl 1.0.1e. Now when I followed the steps mentioned above (get the 1.0.1e openssl and compile it on this system and copy to lib folder) then the libconfd.so point to this old openssl - thats good. But the libcrypto.so is still linked with /usr/lib64/1.0.0 (which points to 1.0.2k).
To make it work, I had to change directly /usr/lib64/libcrypto.so.1.0.0 to point to 1.0.1e. Then confd worked. I could login using CLI - but not using ssh. That time i got the error of “debug3: channel 0: status: The following connections are open: #0 client-session (t4 r0 i0/0 o0/0 fd 5/6 cc -1)”. This is after auth is successful with confd.