[Interest] Linux openssl 1.1.0 versus 1.0.X
Thiago Macieira
thiago.macieira at intel.com
Sat Sep 15 18:06:22 CEST 2018
On Saturday, 15 September 2018 03:51:29 PDT maitai wrote:
> Hello,
>
> Some of my users have started migrating to Ubuntu 18.04 and since it
> comes with openssl 1.1.0 the app cannot connect anymore. As I understand
> qt 5.11.1 prebuild binaries are built against openssl 1.0.X.
>
> Is there a simple way to deploy my application with openssl 1.0.X
> libraries so it will use that instead of the system library? I didn't
> succeed so far so any hint is welcomed.
It's not recommended because OpenSSL is a security library. If you want to
ship it, you'll have to monitor the CVEs that are filed against it, apply the
patches as soon as they are released and issue and update of your application
every time a patch or OpenSSL releases. That will happen a dozen times a year.
It's simpler to have two builds of your application, one with OpenSSL 1.0 and
one with 1.1, letting the user decide which one to download. Better yet, make
it a single download and let your installer decide which one to install based
on the system's libraries.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
More information about the Interest
mailing list