<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class=""><br class=""></div>Should be addressed by<div class=""><br class=""></div><div class=""><a href="https://github.com/macports/macports-ports/commit/f972290289d1d8370b3ca69554cbcf046c7023fa" class="">https://github.com/macports/macports-ports/commit/f972290289d1d8370b3ca69554cbcf046c7023fa</a></div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 13 Oct 2021, at 9:21 am, Christopher Jones <<a href="mailto:jonesc@hep.phy.cam.ac.uk" class="">jonesc@hep.phy.cam.ac.uk</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class=""><br class="">Sorry, forget the comment below, read it the wrong way around…<br class=""><br class=""><br class=""><br class=""><blockquote type="cite" class="">On 13 Oct 2021, at 9:00 am, Christopher Jones <<a href="mailto:jonesc@hep.phy.cam.ac.uk" class="">jonesc@hep.phy.cam.ac.uk</a>> wrote:<br class=""><br class="">Hi,<br class=""><br class="">Howe does<br class=""><br class="">/opt/local/libexec/openssl11/etc/openssl/cert.pem<br class=""><br class="">get created, as its not actually part of the openssl11 port itself ?<br class=""><br class="">Oberon ~/Projects/MacPorts/ports > port contents openssl11 | grep cert.pem<br class="">Oberon ~/Projects/MacPorts/ports ><br class=""><br class="">Chris<br class=""><br class=""><blockquote type="cite" class="">On 13 Oct 2021, at 5:58 am, Aaron Madlon-Kay <<a href="mailto:amake@macports.org" class="">amake@macports.org</a>> wrote:<br class=""><br class="">Hi all.<br class=""><br class="">I know there are some important changes being made to the OpenSSL<br class="">ports. Today I updated my ports and now have the following installed:<br class=""><br class="">% port installed name:openssl<br class="">The following ports are currently installed:<br class="">openssl @1.1_0 (active)<br class="">openssl10 @1.0.2u_2 (active)<br class="">openssl11 @1.1.1l_2 (active)<br class=""><br class="">Apparently as a result of this, my Ruby environment (managed by rbenv<br class="">+ ruby-build, both available as ports) seems to no longer be able to<br class="">connect to HTTPS hosts.<br class=""><br class="">By some trial and error, I managed to find that symlinking the certs<br class="">installed by the curl-ca-bundle port into the new "real" home of<br class="">OpenSSL solved the problem:<br class=""><br class="">sudo ln -s /opt/local/share/curl/curl-ca-bundle.crt<br class="">/opt/local/libexec/openssl11/etc/openssl/cert.pem<br class=""><br class="">Can anyone point me to a better solution?<br class=""><br class="">I note that the Ruby OpenSSL module (built under the old OpenSSL port<br class="">regime) is linked to /opt/local/lib/{libssl,libcrypto}.1.1.dylib. If I<br class="">rebuild Ruby after updating to the new port regime, it is linked to<br class="">/opt/local/libexec/openssl11/lib/{libssl,libcrypto}.1.1.dylib. Either<br class="">way, SSL connections fail unless I symlink cert.pem as above. There<br class="">are no apparent breakages in the linking itself.<br class=""><br class="">Thanks,<br class="">Aaron<br class=""></blockquote><br class=""></blockquote><br class=""></div></div></blockquote></div><br class=""></div></body></html>