Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-65898

csfle library: initialization fails with OpenSSL error on RHEL 7.6, SLES 12

      Initializing the csfle shared library fails on RHEL 7.6, SLES 12, and possibly others.

      In a standalone binary that only loads the shared library, dlopen() fails with:

      symbol SSL_CTX_get0_certificate, version OPENSSL_1.0.0 not defined in file libssl.so.1.0.0 with link time reference
      

      In a Node.js process (where OpenSSL is statically linked in – tested with Node.js 14.19.1/OpenSSL 1.1.1n), lib_create() fails with:

      csfle lib_create() failed: Global initialization failed :: caused by :: Can not set supported cipher suites with config string "HIGH:!EXPORT:!aNULL@STRENGTH": error:08064066:object identifier routines:OBJ_create:oid exists [Error 2, code 140]
      

      This has some potential overlap with SERVER-63703 in that removing uses of OpenSSL inside the shared library seems like a good potential fix.

            Assignee:
            sergey.galtsev@mongodb.com Sergey Galtsev (Inactive)
            Reporter:
            anna.henningsen@mongodb.com Anna Henningsen
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: