Nginx + boringSSL

Harold.Miao miaohonghit at gmail.com
Tue Jul 22 03:24:48 UTC 2014


Looks interesting :)

Alex Hunsaker <badalex at gmail.com>于2014年7月14日星期一写道:

> I've started playing around with boringssl with nginx.
>
> Mostly everything works except OCSP. Seems like either openssl 1.0.2
> which boringssl was forked from does not have it, or the boringssl
> folk ripped it out. I have not investigated.
>
> Anyway, I'm please to report everything seems to work!
>
> --
> # first boringssl
> git clone https://boringssl.googlesource.com/boringssl
> cd boringssl
> # for when building on openbsd, also enables -O2, boringssl is a debug
> build by default
> cat boringssl_openbsd.patch | patch -p1 -N -s
> mkdir build && cd build && cmake ../ && cd ..
> # setup stuff for nginx
> mkdir -p .openssl/lib
> ln -s include .openssl/
> cp build/crypto/libcrypto.a build/ssl/libssl.a .openssl/lib
>
> # now for nginx
> tar xvzf nginx-1.6.0.tar.gz
> cd nginx-1.6.0
> cat ../boringssl_nginx.patch | patch -p1 -N -s
> ./configure --with-openssl=../boringssl ...
> # update timestamp so nginx won't try to build openssl
> touch ../boringssl/.openssl/include/ssl.h
> make
>


-- 

Best Regards,
Harold Miao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140722/75f185dc/attachment.html>


More information about the nginx mailing list