-
Bug
-
Resolution: Done
-
Undefined
-
None
-
rhel-10.0
-
None
-
No
-
Important
-
rhel-sst-cs-databases
-
8
-
False
-
-
None
-
None
-
None
-
None
-
-
All
-
None
Dear colleagues,
We got aware that your component relies on openssl/engine.h header that is not shipped with OpenSSL in CentOS 10/RHEL 10 any more.
Engines are not FIPS compatible and corresponding API is deprecated since OpenSSL 3.0. The engine functionality we are aware of (PKCS#11, TPM) is either covered by providers maintained by Crypto Team now or will be covered soon.
As we removed the header some time ago, we kindly ask you to check that your component is buildable without it and if necessary implement patches to eliminate the dependency. Looks like your code doesn't rely on on ENGINE API so the headeer seems redundant. The compilation of applications using the ENGINE API or the header is now impossible.
Feel free to reach the Crypto team, Dmitry Belyavskiy, Sahana Prasad, or Clemens Lang directly if you have any problems with the necessary changes.
- split to
-
RHEL-57775 Work with upstream on removal of usage of OpenSSL ENGINE API
- Planning