Guido, <br><br>I just had an idea. Why not use Apple&#39;s libssl.so that comes with Leopard Server, which can be found in:<br><br>/usr/libexec/httpd/libssl.so<br><br>Based on the output of otool, Apple has built libssl.so
 against OpenSSL 0.9.7 rather than the troublesome 0.9.8:<br><br>$ otool -L libssl.so<br><br>libssl.so:<br>&nbsp;&nbsp;&nbsp; /usr/lib/libssl.0.9.7.dylib (compatibility version 0.9.7, current version 0.9.7)<br>&nbsp;&nbsp;&nbsp; /usr/lib/libcrypto.0.9.7.dylib (compatibility version 
0.9.7, current version 0.9.7)<br>&nbsp;&nbsp;&nbsp; /usr/lib/libgcc_s.1.dylib (compatibility version 1.0.0, current version 1.0.0)<br>&nbsp;&nbsp;&nbsp; /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 111.0.0)<br><br>Is there any reason why libssl could not be used in place of mod_ssl for those running MacPorts on Leopard Server? I don&#39;t spend enough of my time in the depths of Apache but I think I will try this out and see what happens. Note: if this solution works, it would 
<span style="text-decoration: underline;">not</span> solve the problem for people who are running Leopard but not Leopard Server.<br><br>Thanks,<br><br>T.M.<br><br><br><br><div><span class="gmail_quote">On 1/6/08, <b class="gmail_sendername">
Tabitha McNerney</b> &lt;<a href="mailto:tabithamc@gmail.com">tabithamc@gmail.com</a>&gt; wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><br><div><span class="q"><span class="gmail_quote">On 1/5/08, <b class="gmail_sendername">Guido Soranzio</b> &lt;<a href="mailto:guido.soranzio@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
guido.soranzio@gmail.com</a>&gt; wrote:</span></span><div><span class="e" id="q_1174e961fd1e2f7c_2"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">

<br>On Jan 6, 2008, at 10:23 AM, Tabitha McNerney wrote:<br><br>&gt; It sounds as if stripping that would would mean that I would not be<br>&gt; able to use OpenSSL 0.9.7. Hmmm ... that&#39;s a bummer.<br><br>&quot;-export-symbols-regex&quot; is an option for libtool that limits the
<br>symbols exported by a module.<br><br>I don&#39;t have yet tested this workaround on apache2, but under Leopard<br>omitting this option from other troublesome makefiles makes accessible<br>again the symbols reported as not to find.
<br><br>Here is a positive report on the &quot;Symbol not found:<br>_ssl_cmd_SSLCACertificateFile&quot;<br>error which happens otherwise with the current apache2 port:<br><br>&lt;<a href="http://www.nabble.com/Re%3A-Apache2%3A-Default-configuration-does-not-work--p14563107.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">

http://www.nabble.com/Re%3A-Apache2%3A-Default-configuration-does-not-work--p14563107.html</a><br> &gt;</blockquote></span></div><div><br>Hi Guido,<br><br>Thanks for extra pointer. This seems worth trying out. I would rather stay with OpenSSL 
0.9.8g only (instead of having two versions of OpenSSL). I will give this a try and see what I can come up with and will post my findings to this email thread on the list.<br><br>Best,<br><br>T.M.<br></div></div><br>
</blockquote></div><br>