Error "symbol xxx not defined in file libcrypto.so.1.1" Is Displayed During HA Certificate Generation
Issue
During HA certificate replacement, when a user runs the sh ${OMS_RUN_PATH}/workspace/ha/module/hacom/script/gen-cert.sh --root-ca --country=CN --state=state --city=city --company=company --organize=organize --common-name=commonname --email=Cluster user mailbox command to generate root-ca.crt and root-ca.pem in the ${OMS_RUN_PATH}/workspace0/ha/local/cert directory on the active management node, the following error message is displayed:
openssl: relocation error: openssl: symbol BIO_new_dgram_sctp version OPENSSL_1_1_0 not defined in file libcrypto.so.1.1 with link time referencecreate server private key failed.
Cause Analysis
- OpenSSL may have been changed and is not the default /usr/bin/openssl.
- The dynamic library dependency libcrypto.so.1.1 cannot be found.
- If the cluster version is 3.2.0 or earlier, the environment variable configuration command (for example, source bigdata_env) may have been executed or the environment variable may have been changed before the operation. This issue has been resolved in versions later than 3.2.0.
Procedure
- Log in to the active management node using its IP address as user omm.
- Run the following command to check whether the command output is /usr/bin/openssl. If it is not, change OpenSSL to the default /usr/bin/openssl.
which openssl
- Run the following command to check the dynamic library dependency:
ldd /usr/bin/openssl
The command output is as follows:
[omm@xxx ~]$ ldd /usr/bin/openssl linux-vdso.so.1 (0x0000ffffaf016000) libssl.so.1.1 => /usr/lib64/libssl.so.1.1 (0x0000ffffaee7a000) libcrypto.so.1.1 => /usr/lib64/libcrypto.so.1.1 (0x0000ffffaebc2000) libz.so.1 => /usr/lib64/libz.so.1 (0x0000ffffaeb91000) libdl.so.2 => /usr/lib64/libdl.so.2 (0x0000ffffaeb70000) libpthread.so.0 => /usr/lib64/libpthread.so.0 (0x0000ffffaeb3b000) libc.so.6 => /usr/lib64/libc.so.6 (0x0000ffffae9c5000) /lib/ld-linux-aarch64.so.1 (0x0000ffffaefe8000)
Check whether libcrypto.so.1.1 in the command output points to a value. If not found is displayed, run the following command to load libcrypto.so.1.1:
echo $LD_LIBRARY_PATH
- Check whether a non-system OpenSSL library is loaded in the system library environment variables. If yes, change it to the default OpenSSL library of the system.
- If the fault persists, contact technical support.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot