/usr/local/lib64/libzip.so, may conflict with libcrypto.so.1.1

[Active8]

One of our servers have php 7.3 & 7.4 (second php ) installed, when rebuilding 7.4 version we get this error:

/usr/bin/ld: warning: libcrypto.so.10, needed by /usr/local/lib64/libzip.so, may conflict with libcrypto.so.1.1

Strange thing here is that 7.3 version don't give this error, deleting and rebuilding PHP 7.4 did not help.
Server is doing fine, all sites are up and running with 7.4 selected but I don't like warning messages

Server OS: Almalinux 8.5

Any idea?

 

[Richard G]

Could they be correct with the cause? Same error.

How do I fix OpenSSL Error "libssl.so.10, needed by lib64/libldap.so, may conflict with libssl.so.1.1" when Compiling PHP on CentOS 7?

I'm starting out with a completely clean install of CentOS 7 with nothing installed. Starting out, I have yum installed these RPM's: make mlocate pcre-devel expat-devel epel-release libxml2-devel...

stackoverflow.com

 

[Active8]

Hi @Richard G , yes i have found that but this one is about libldap.so and not libzip.so so its different.
I still dont understand why it only gave this warning with PHP 7.4 and not 7.3 , I have asked this question at Almalinux chat and waiting for an aswer but in the meantime maybe someone recognize this and can help me

 

[Richard G]

but this one is about libldap.so and not libzip.so so its different.

You meen libssl.so is different, because libzip.so is only using it... sorry.. my miss there indeed.

Might be libzip.so is linked to the old openssl version 1.0.2 and php is linked to the new version, openssl 1.1.1.

Still odd that this does not give any warning on compiling php 7.4 and not 7.3. Do you have libcrypto.so.10 still somewhere on your Alma machine?

Also.... I'm running a server converted to Alma 8.5 too with 3 php versions. If you could tell me an easy way to monitor if I get the same warning I can check for you if it also happens on my system. But compiling goes that fast that I might miss the line.
So if you have an idea how to catch that line during compilation, I will gladly test it for you by recompiling php 7.4 on my Alma server.

 

[Richard G]

Ah lol, I was just upgrading my php versions on Alma anyway and I didn't see a warning on php 7.4 but I would gladly try again for you.
However, I've seen this one flying by when compiling php 7.3. I'll type it over because I took a screenshot and can't copy and paste.

WARNING:
Use of bundled libzip is deprecated and will be removed.
Some features such as encryption and bzip2 are not available.
Use system library and --with-libzip is recommended.

So I went looking a bit further and found this which might explain why you only get the error in php 7.4.

build libzip ?

From cheet sheet at https://forum.directadmin.com/showthread.php?t=58211 there seems to be a build libzip option but curious which DirectAdmin software is going to make use of the build libzip library ? I ask as PHP-FPM default configuration compiles are done with --without-libzip apparently...

forum.directadmin.com

so it seems it's not bundled with php 7.4 anymore. So maybe it should be done another way with 7.4.

 

[Active8]

Might be libzip.so is linked to the old openssl version 1.0.2 and php is linked to the new version, openssl 1.1.1.

That is also what I am thinking, This is an box where an inplace upgrade from Centos 7 was made

Do you have libcrypto.so.10 still somewhere on your Alma machine?

I do : libcrypto.so: /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so

Still odd that this does not give any warning on compiling php 7.4 and not 7.3

Other servers also with Almalinux 8.5 installed builds PHP 7.3 & 7.4 without warnings / problems, so It is an isolated issue.

 

[Richard G]

I do : libcrypto.so: /usr/lib64/libcrypto.so.10 /usr/lib64/libcrypto.so

Aha... I wonder where that is coming from. Reason I asked was because I have the in place Centos 8 upgrade. And I don't have that file present.
So probably this is some leftover of Centos 7 which should be removed like the chkconfig stuff.
Because I do have these files on my Centos 7 machines.

Maybe if you do a repo check and find both openssl versions installed that you can uninstall the 1.0.2 version.

 

[Active8]

So probably this is some leftover of Centos 7 which should be removed like the chkconfig stuff.

Maybe, when this problem is solved , I will add this also to the how to

Maybe if you do a repo check and find both openssl versions installed that you can uninstall the 1.0.2 version.

I am afraid that I would mess openssl, any steps I can take ?

 

[Richard G]

I am afraid that I would mess openssl, any steps I can take ?

If all is well, most should be linked to the new one. I'm not a specialist in this, but in any case I would start looking if there are 2 versions installed.
Maybe like this:
rpm -qa openssl
If there are 2 versions, then it probably should give no problem uninstalling the old version and running a ./build all d again just to be sure.
The only thing I would worry about is that it wouldn't disturb SSH access.

The only other thing I can imagine to do is to report this as issue on Github with the Alma conversion script. If they know abot the chkconfig and openssl issue, they might even fix it in the script so others don't have to care about it anymore in the future.

 

[Active8]

Maybe like this:
rpm -qa openssl

rpm -qa openssl
openssl-1.1.1k-4.el8.x86_64

So no only one is installed and it seems for the rest ok:

Last metadata expiration check: 0:32:07 ago on Sat 20 Nov 2021 05:44:43 PM CET.
Installed Packages
Name : openssl
Epoch : 1
Version : 1.1.1k
Release : 4.el8
Architecture : x86_64
Size : 1.1 M
Source : openssl-1.1.1k-4.el8.src.rpm
Repository : @System
From repo : baseos
Summary : Utilities from the general purpose cryptography library with TLS
: implementation
URL : http://www.openssl.org/
License : OpenSSL and ASL 2.0
Description : The OpenSSL toolkit provides support for secure communications
: between machines. OpenSSL includes a certificate management tool
: and shared libraries which provide various cryptographic
: algorithms and protocols.

Leaving as is , maybe someone has an idea

 

[RoRoo]

Experienced the same errors after migrating from Centos 7 to AlmaLinux 8.5
Have tried moving the libcrypto.so.10 but it just gets regenerated after a while / reboot.

Running openssl version is "OpenSSL 1.1.1k FIPS 25 Mar 2021"

I have removed 2 custom configure.php7x files and rebuild the PHP on the machine, the error was gone.
Also fixing an error regarding IMAP since these were no longer being used:

--with-imap=/usr/local/imap-2007f --with-imap-ssl

 

[Active8]

I have removed 2 custom configure.php7x files and rebuild the PHP on the machine, the error was gone.

Glad to hear that is solved, would you share the steps you had took so others (and I) can benefit ?

 

[Active8]

Migrating from Centos 7 to AlmaLinux 8.5

Did you encounter any problems? if yes please share with other forums users please