Skip to content

Using TLS 1.3 FreeBSD and Upgrade System (maybe you upgrade to freebsd 13.0)

1. Prepare: upgrade src tree and ports tree

Recommand to use svnlite

The first time to run svnlite:

svnlite co https://svn.freebsd.org/base/head /usr/src
svnlite co https://svn.freebsd.org/ports/head /usr/ports

Then you type Ctrl + C to interrupt it and run scripts:

filename: update-src.mksh
#!/bin/mksh

while true; do
        svnlite cleanup /usr/src
        svnlite up /usr/src
        if [ $? -eq 0 ]; then
                break
        fi
done
filename: update-ports.mksh
#!/bin/mksh

while true; do
        svnlite cleanup /usr/ports
        svnlite up /usr/ports
        if [ $? -eq 0 ]; then
                break
        fi
done

2. Rebuild FreeBSD and upgrade the Base System.

https://www.freebsd.org/doc/handbook/makeworld.html

3. mergemaster tips

[Write Pending]

4. Then your system will be having OpenSSL 1.1.1 and support TLS v1.3

(openssl 111)

openssl version -a

https://www.xjail.tiv.cc/posts/index.php?/archives/26-Enable-TLS-1.3-on-FreeBSD-System.html

5. If you run freebsd software with errors such as "libssl.so.9 not found", "libcrypto.so.9 not found"

This is because some applications still rely on old OpenSSL runtime.

• * temporary solution: make symbolic links to those files.

cd /usr/lib
ln -s libssl.so libssl.so.9
ln -s libcrypto.so libcrypto.so.9

• * after pkg upgrade, only a few apps rely on the old OpenSSL runtime, so you only need to rebuild those apps with ports (Take fossil for an example).

pkg update -f
pkg upgrade

cd /usr/ports/devel/fossil
make
make deinstall
make install clean

 

Trackbacks

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Form options

Submitted comments will be subject to moderation before being displayed.