Cannot find ssl libraries when configuring stunnel

Question

I am using RHEL 5.6 and trying to install stunnel with the 'xforwardfor' patch from haproxy to get a setup similar to this (older) post: http://www.buro9.com/blog/2009/12/07/installing-haproxy-load-balance-http-and-https/

When I run ./configure I get the following error:

*snip*
configure: **************************************** SSL
checking for SSL directory... Not found

Couldn't find your SSL library installation dir
Use --with-ssl option to fix this problem

From the stunnel documentation I need to pass a directory that has the ssl libraries (assuming libssl.so ? ) as well as a 'certs' directory.

I've tried creating a /etc/openssl directory with a 'certs' directory and a symlink to /lib64/libssl.so.6 but that didn't work.

What other libraries would I need ?

Update

From the config.log:

It was created by stunnel configure 4.32, which was generated by GNU Autoconf 2.61. Invocation command line was

$ ./configure --with-ssl=/lib64

## --------- ##
## Platform. ##
## --------- ##

uname -m = x86_64
uname -r = 2.6.18-238.12.1.el5
uname -s = Linux
* snip *
configure:23977: **************************************** SSL
configure:23996: checking for SSL directory
configure:24019: result: Not found

And running ls /lib64 | grep ssl:

$ ls -l /lib64 | grep ssl
-rwxr-xr-x 1 root root  315032 Dec  7  2010 libssl.so.0.9.8e
lrwxrwxrwx 1 root root      16 Jul 13 18:48 libssl.so.6 -> libssl.so.0.9.8e

score 5 · Accepted Answer · answered Aug 02 '11 at 18:31

5

I'm guessing you don't have openssl-devel installed.

Here is the stunnel-4.42 configure output I got on a RHEL5.6 server:

**************************************** SSL
checking for SSL directory... /usr/
checking for obsolete RSAref library... no
checking /usr//include/openssl/engine.h usability... yes
checking /usr//include/openssl/engine.h presence... yes
checking for /usr//include/openssl/engine.h... yes

The function check_ssl_dir in configure is looking for /usr/include/openssl/ssl.h which is part of openssl-devel.

Do not pass any options to configure, do any directory creation, or make any symlinks.

answered Aug 02 '11 at 18:31

Mark Wagner

17,764
2
30
47

I was just coming to post this exact answer. I just found out about the openssl-devel package. Thanks! – Derek Downey Aug 02 '11 at 18:41
1

Good Answer. I was encountering a similar same error on Ubuntu and Linux Mint and I found that installing the 'libssl-dev' package helped to fix this error. – John Sep 13 '16 at 12:58

score 1 · Answer 2 · answered Aug 02 '11 at 17:40

1

The certificates live in /etc/openssl and 64 bit software libraries in /lib64. You should not mix those. Assuming that you are on a 64 bit platform and the library exists in /lib64, try this:

./configure --with-ssl=/lib64

...and if it does not work, post the relevant part of "config.log" file to assist you further.

answered Aug 02 '11 at 17:40

snap

1,201
9
17

Thanks for the response. /etc/openssl doesn't exist on my platform (but openssl is installed). The stunnel link states that the ssl library directory should have the 'certs' directory...why is it a bad idea to mix them using symlinks? I added my config.log and ssl-related /lib64 libraries. – Derek Downey Aug 02 '11 at 18:16

score 0 · Answer 3 · answered Jul 09 '21 at 09:52

0

On debian you have to install libssl-dev than you can build stunnel.

answered Jul 09 '21 at 09:52

Hannes

157
8

Cannot find ssl libraries when configuring stunnel

3 Answers3