Feb 27 20:28:02 sheelba.scrye.com dnssec-triggerd[1397]: Feb 27 20:28:02 dnssec-triggerd[1397] error: could not set SSL_OP_NO_SSLv2 crypto error:00000000:lib(0):func(0):reason(0) Feb 27 20:28:02 sheelba.scrye.com dnssec-triggerd[1397]: Feb 27 20:28:02 dnssec-triggerd[1397] error: cannot setup SSL context Feb 27 20:28:02 sheelba.scrye.com dnssec-triggerd[1397]: Feb 27 20:28:02 dnssec-triggerd[1397] fatal error: could not init server Feb 27 20:28:02 sheelba.scrye.com systemd[1]: dnssec-triggerd.service: Main process exited, code=exited, status=1/FAILURE This was fixed in the debian package and there's even a PR against the dnssec-trigger github repo: https://github.com/NLnetLabs/dnssec-trigger/pull/1 However, thats an out of date sync of the upstream SVN repo, so the patch doesn't apply cleanly. If we could get this fixed by a local patch in Fedora for now and then sort out the rest that would be great.
Hello Kevin. The github repo is not the actual upstream main source repository. They use SVN on http://www.nlnetlabs.nl/svn/dnssec-trigger/ I'll ping upstream to see if they can merge the fixes and additionally I can rebase the package to svn snapshot.
I included the fix for OpenSSL 1.1.0 from the pull request on GitHub into the Fedora package. I also asked upstream to review the changes in the particular pull request and ideally to merge it. I tested the new package and it seems to work. Fixed in: dnssec-trigger-0.13-2.fc26 dnssec-trigger-0.13-2.fc27
Thanks! Yeah, I know the github isn't upstream, but the debian maintainer who made that PR didn't. ;) Anyhow, thanks for the quick fix.