OpenSSL 연결을 거부하는 Homebrew

OpenSSL 연결을 거부하는 Homebrew

---

OSX 10.11.6, Homebrew 버전 0.9.9m OpenSSL 0.9.8zg 2015 년 7 월 14 일

나는 dotnetcore를 가지고 놀고 그들의 지시 에 따라 노력하고 있습니다 .

최신 버전의 openssl을 업그레이드 / 설치했습니다.

> brew install openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2h_1.el_capitan.bottle.tar.gz
Already downloaded: /Users/administrator/Library/Caches/Homebrew/openssl-1.0.2h_1.el_capitan.bottle.tar.gz
==> Pouring openssl-1.0.2h_1.el_capitan.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the system
keychain. To add additional certificates, place .pem files in
  /usr/local/etc/openssl/certs

and run
  /usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local.

Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries

Generally there are no consequences of this for you. If you build your
own software and it requires this formula, you'll need to add to your
build variables:

    LDFLAGS:  -L/usr/local/opt/openssl/lib
    CPPFLAGS: -I/usr/local/opt/openssl/include

그러나 openssl을 연결하려고하면이 연결 오류가 계속 발생합니다.

> brew link --force openssl
Warning: Refusing to link: openssl
Linking keg-only OpenSSL means you may end up linking against the insecure,
deprecated system version while using the headers from the Homebrew version.
Instead, pass the full include/library paths to your compiler e.g.:
  -I/usr/local/opt/openssl/include -L/usr/local/opt/openssl/lib

컴파일러 플래그를 포함하는 옵션은 내가 의존하는 라이브러리를 컴파일하지 않기 때문에 의미가 없습니다.

편집 dotnetcore는 감독의 지시를 업데이트했습니다 :

brew update    
brew install openssl    
ln -s /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib /usr/local/lib/    
ln -s /usr/local/opt/openssl/lib/libssl.1.0.0.dylib /usr/local/lib/

---

다른 답변에 대한 업데이트에서 알 수 있듯이 이전 openssl101 brew 설치 방법은 더 이상 작동하지 않습니다. 올바른 해결 방법 은 dotnet / cli # 3964에 대한 주석을 참조하십시오 .

문제의 가장 관련성있는 부분이 여기에 복사되었습니다.

라이브러리에서 rpath를 설정하기 위해 제안 된 다른 옵션을 살펴 보았습니다. 다음은이 특정 라이브러리에만 영향을 미치는 더 나은 솔루션이라고 생각합니다.

sudo install_name_tool -add_rpath /usr/local/opt/openssl/lib /usr/local/share/dotnet/shared/Microsoft.NETCore.App/1.0.0/System.Security.Cryptography.Native.dylib

NETCore 1.0.1을 설치 한 경우 1.0.1에 대해서도 동일한 명령을 수행하십시오.

sudo install_name_tool -add_rpath /usr/local/opt/openssl/lib /usr/local/share/dotnet/shared/Microsoft.NETCore.App/1.0.1/System.Security.Cryptography.Native.dylib

실제로 운영 체제에 항상 홈 브루 크 버전의 SSL을 사용하도록 지시하고 잠재적으로 문제가 발생하는 대신 닷넷에 올바른 라이브러리를 찾는 방법을 알려줍니다.

또한 중요한 점은 Microsoft가 문제를 알고 있으며 a) 완화 할 다소 즉각적인 계획과 b) 장기적인 솔루션 (OpenSSL과 dotnet을 번들로 묶음)을 모두 가지고있는 것 같습니다.

주목해야 할 또 다른 사항 /usr/local/opt/openssl/lib은 추출이 기본적으로 연결되는 위치입니다.

13:22 $ ls -l /usr/local/opt/openssl
lrwxr-xr-x  1 ben  admin  26 May 15 14:22 /usr/local/opt/openssl -> ../Cellar/openssl/1.0.2h_1

If for whatever reason you install the brew and link it in a different location, then that path is the one you should use as an rpath.

Once you've update the rpath of the System.Security.Cryptography.Native.dylib libray, you'll need to restart your interactive session (i.e., close your console and start another one).

---

This is what worked for me:

brew update
brew install openssl
ln -s /usr/local/opt/openssl/lib/libcrypto.1.0.0.dylib /usr/local/lib/
ln -s /usr/local/opt/openssl/lib/libssl.1.0.0.dylib /usr/local/lib/
ln -s /usr/local/Cellar/openssl/1.0.2j/bin/openssl /usr/local/bin/openssl

Thanks to @dorlandode on this thread https://github.com/Homebrew/brew/pull/597

NB: I only used this as a temporary fix until I could spend time correctly installing Openssl again from scratch. As I remember I spent best part of a day debugging and having issues before I realised the best way was to manually install the certs I needed one by one. Please read the link in @bouke's comment before attempting this.

---

None of these solutions worked for me on OS X El Capitan 10.11.6. Probably because OS X has a native version of openssl that it believes is superior, and as such, does not like tampering.

So, I took the high road and started fresh...

---

Manually install and symlink

cd /usr/local/src  

• If you're getting "No such file or directory", make it:

  cd /usr/local && mkdir src && cd src

Download openssl:

curl --remote-name https://www.openssl.org/source/openssl-1.0.2h.tar.gz

Extract and cd in:

tar -xzvf openssl-1.0.2h.tar.gz
cd openssl-1.0.2h

Compile and install:

./configure darwin64-x86_64-cc --prefix=/usr/local/openssl-1.0.2h shared
make depend
make
make install

Now symlink OS X's openssl to your new and updated openssl:

ln -s /usr/local/openssl-1.0.2h/bin/openssl /usr/local/bin/openssl

Close terminal, open a new session, and verify OS X is using your new openssl:

openssl version -a

---

Just execute brew info openssland read the information where it says:

If you need to have this software first in your PATH run: echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile

---

If migrating your mac breaks homebrew:

I migrated my mac, and it unlinked all my homebrew installs - including OpenSSL. This broke gem install, which is how I first noticed the problem and started trying to repair this.

After a million solutions (when migrating to OSX Sierra - 10.12.5), the solution ended up being comically simple:

brew reinstall ruby
brew reinstall openssl

---

After trying everything I could find and nothing worked, I just tried this:

touch ~/.bash_profile; open ~/.bash_profile

Inside the file added this line.

export PATH="$PATH:/usr/local/Cellar/openssl/1.0.2j/bin/openssl"

now it works :)

Jorns-iMac:~ jorn$ openssl version -a
OpenSSL 1.0.2j  26 Sep 2016
built on: reproducible build, date unspecified
//blah blah
OPENSSLDIR: "/usr/local/etc/openssl"

Jorns-iMac:~ jorn$ which openssl
/usr/local/opt/openssl/bin/openssl

---

I have a similar case. I need to install openssl via brew and then use pip to install mitmproxy. I get the same complaint from brew link --force. Following is the solution I reached: (without force link by brew)

LDFLAGS=-L/usr/local/opt/openssl/lib 
CPPFLAGS=-I/usr/local/opt/openssl/include
PKG_CONFIG_PATH=/usr/local/opt/openssl/lib/pkgconfig 
pip install mitmproxy

This does not address the question straightforwardly. I leave the one-liner in case anyone uses pip and requires the openssl lib.

Note: the /usr/local/opt/openssl/lib paths are obtained by brew info openssl

---

This worked for me:

 brew install openssl
 cd /usr/local/include 
 ln -s ../opt/openssl/include/openssl .

---

The solution above from edwardthesecond worked for me too on Sierra

 brew install openssl
 cd /usr/local/include 
 ln -s ../opt/openssl/include/openssl 
 ./configure && make

Other steps I did before were:

• installing openssl via brew

  brew install openssl
  

• adding openssl to the path as suggested by homebrew

  brew info openssl
  echo 'export PATH="/usr/local/opt/openssl/bin:$PATH"' >> ~/.bash_profile
  

---

Note: this no longer works due to https://github.com/Homebrew/brew/pull/612

I had the same problem today. I uninstalled (unbrewed??) openssl 1.0.2 and installed 1.0.1 also with homebrew. Dotnet new/restore/run then worked fine.

Install openssl 101:
brew install homebrew/versions/openssl101
Linking:
brew link --force homebrew/versions/openssl101

---

for me this is what worked...

I edited the ./bash_profile and added below command

export PATH="/usr/local/opt/openssl/bin:$PATH"

참고URL : https://stackoverflow.com/questions/38670295/homebrew-refusing-to-link-openssl