[Info-vax] VSI STunnel question
Duncan Morris
duncanjmmorris at gmail.com
Tue Apr 11 15:49:06 EDT 2023
On Tuesday, 11 April 2023 at 15:33:55 UTC+1, Rich Jordan wrote:
> Got a customer moving from HP VMS (Integrity) to VSI. They currently use STunnel-4_20 from HP with SSL1 V1.0.20 (OpenSSL 1.0.2o), and a test upgrade to VSI VMS without updating SSL1 has it working in the same environment. This is using self signed certs (CA on VMS) and strictly within the company's networks.
>
> The VSI STunnel V5.56 says it was built with OpenSSL V1.1.1g and statically linked. The package does NOT list SSL/SSL1 as a prereq in the release notes; does that mean it should work as a standalone package without regard to the version of SSL/SSL1 installed (or if SSL/SSL1 is even installed at all)?
>
> I'm waiting on the customer to provide their VSI support info, so asking here first. Thanks!
As it is statically linked, there is no call out to the SSL shareable images. Rather all the required SSL modules are already included in the image, leaving no pre-requisites.
I understand that the next VSI stunnel release will be statically linked with SSL 3.0.x.
I personally maintain a port of stunnel for OpenVMS for our customers. i used to link the image dynamically against the shareable SSLx images. However, as the clients vary widely in their installed levels of SSLSSL1/SSL3, I now link our image statically with SSL3 and am able to implement it regardless of the client's patch levels.
More information about the Info-vax
mailing list