Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

I am trying to setup Tomcat with OpenSSL on CentOS. I have downloaded OpenSSL source, Tomcat native libraries source and Tomcat APR.

Compiled all of above mentioned sources, compiled OpenSSL using following options

./config shared
Added generated ".so" files to LD_LIBRARY_PATH. But when I start tomcat I get following error and tomcat does not start
/usr/java/jre1.7.0_51/bin/java: symbol lookup error: /usr/local/apr-1.5.1/lib/libtcnative-1.so.0.1.32: undefined symbol: EC_KEY_new_by_curve_name
Am I missing any command line arguments for compiling OpenSSL? BTW I referred https://wiki.openssl.org/index.php/Compilation_and_Installation to compile OpenSSL.
To compile Apache native libraries I referred - http://tomcat.apache.org/native-doc/
I have got the same issue. 
I was trying to start Tomcat with tcnative that I have built by myself on another machine but with the same architecture and OS.
It seems that OpenSSL, that was already installed in my SunOS was built without ECC support due to some legacy aspects.
See the OpenSSL user guide http://www.openssl.org/docs/fips/UserGuide-2.0.pdf under "ECC and the NSA sublicense".
What I've done was to rebuild once again the libraries. For SunOS 11.2 with Sun-studio compiler:
OpenSSL (1.0.2d):
  
./Configure solaris64-x86_64-cc --openssldir=/work/shared/openssl --libdir=lib shared zlib-dynamic
APR (1.52):
  
./Configure CC=cc CFLAGS="-m64" LDFLAGS="-m64" --prefix=/work/shared/apr --exec-prefix=/work/shared/apr
TCNATIVE (1.1.33):
  
./configure CC=cc --prefix=/work/shared/tcnative --with-apr=/work/shared/apr --with-ssl=/work/shared/openssl --with-java-home=/usr/jdk/jdk1.7.0_80 CFLAGS="-m64 -fPIC" LDFLAGS="-m64"
Also in Tomcat/bin folder I have created setenv.sh with the following contents:
  
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib:/work/shared/tcnative/lib export LD_LIBRARY_PATH 
  JAVA_OPTS="-d64 -Djava.library.path=/work/shared/tcnative/lib:/usr/jdk/latest/lib -Dfile.encoding=UTF-8 -Xms512m -Xmx512m -XX:NewSize=256m -XX:MaxNewSize=256m -XX:PermSize=256m -XX:MaxPermSize=512m -XX:+OptimizeStringConcat -XX:+UseStringCache -XX:+DisableExplicitGC"
  export JAVA_OPTS
As you can see I have used Prefix path everywhere to avoid overriting files in the system folders. I'm not sure 100% about the reason of the fix, but the mentioned steps may help you.
Update:
Checking with "ldd libtcnative-1.so" on the problematic environment it looks like when the system cannot find apr and openssl libraries from the paths from where they were taken during the compilation it takes them from default system folder and here is the surprise - Hello OpenSSL without ECC.
So if you build all 3 in the same place and just copy this preconfigured folder to a new system maintaining the same path (if necessary) - everything should work without touching any system libraries.
        
Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.