Could not locate TLS/SSL package OpenLDAP 2.1.25 + BDB 4.2.52

[Chris Paul <cpaul+OpenLDAP+Softwarel@teamrci.com>]

Dear OpenLDAP list,

First of all thank you for such great software. I'm new to this list and 
to OpenLDAP. I'm testing with 3 platforms: OpenBSD (my favorite), Gentoo 
Linux (nice), RedHat Linux (total nightmare). BDB 4.5.52 is installed.

I'm having little trouble getting TLS compiled in with Redhat 9.  I've 
searched the archives and know others have had this trouble. I can't 
really find any solution that works... just hints. So I apologize if I 
am missing something that's already been answered.

I have no trouble compiling it with TLS on OpenBSD. The problem I have 
is with RedHat Linux 9.0 at a customer site. As they are a RedHat shop, 
they want everything running on RedHat.

Here is the procedure I'm trying to use (in bash):

$ export CPPFLAGS='-I/usr/local/BerkeleyDB.4.2/include -I/usr/include 
-I/usr/include/openssl'
$ export LDFLAGS='LDFLAGS='-L/usr/local/BerkeleyDB.4.2/lib -L/lib/tls 
-L/lib'
$ ./configure --sysconfdir=/etc --enable-bdb=yes --disable-ldbm>/tmp/out

When I try and run the configure script I got the error:

configure: warning: Could not locate TLS/SSL package
configure: warning: TLS data protection not supported!

Looking in config.log, I see: and error:

In file included from /usr/include/openssl/ssl.h:179,
                from configure:10987:
/usr/include/openssl/kssl.h:72:18: krb5.h: No such file or directory

So, I commented out this line from /usr/include/openssl/kssl.h:

#include <krb5.h>

Now the configure script finishes without error, but make has a problem:

-fPIC -DPIC -o .libs/tls.lo
In file included from /usr/include/openssl/ssl.h:179,
                from tls.c:33:
/usr/include/openssl/kssl.h:134: parse error before "krb5_enctype"
/usr/include/openssl/kssl.h:136: parse error before "FAR"
/usr/include/openssl/kssl.h:137: parse error before '}' token
/usr/include/openssl/kssl.h:149: parse error before "kssl_ctx_setstring"
/usr/include/openssl/kssl.h:149: parse error before '*' token
/usr/include/openssl/kssl.h:150: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:151: parse error before '*' token
/usr/include/openssl/kssl.h:152: parse error before '*' token
/usr/include/openssl/kssl.h:153: parse error before "kssl_ctx_setprinc"
/usr/include/openssl/kssl.h:153: parse error before '*' token
/usr/include/openssl/kssl.h:155: parse error before "kssl_cget_tkt"
/usr/include/openssl/kssl.h:155: parse error before '*' token
/usr/include/openssl/kssl.h:157: parse error before "kssl_sget_tkt"
/usr/include/openssl/kssl.h:157: parse error before '*' token
/usr/include/openssl/kssl.h:159: parse error before "kssl_ctx_setkey"
/usr/include/openssl/kssl.h:159: parse error before '*' token
/usr/include/openssl/kssl.h:161: parse error before "context"
/usr/include/openssl/kssl.h:162: parse error before "kssl_build_principal_2"
/usr/include/openssl/kssl.h:162: parse error before "context"
/usr/include/openssl/kssl.h:165: parse error before "kssl_validate_times"
/usr/include/openssl/kssl.h:165: parse error before "atime"
/usr/include/openssl/kssl.h:167: parse error before "kssl_check_authent"
/usr/include/openssl/kssl.h:167: parse error before '*' token
/usr/include/openssl/kssl.h:169: parse error before "enctype"
In file included from tls.c:33:
/usr/include/openssl/ssl.h:909: parse error before "KSSL_CTX"
/usr/include/openssl/ssl.h:931: parse error before '}' token
make[2]: *** [tls.lo] Error 1
make[2]: Leaving directory `/home/chrisp/openldap-2.1.25/libraries/libldap'
make[1]: *** [all-common] Error 1
make[1]: Leaving directory `/home/chrisp/openldap-2.1.25/libraries'
make: *** [all-common] Error 1

I'm thinking that I need to disable kerberos another way (?)

thanks,

CP
--
Chris Paul
Rex Consulting - Messaging and Security Solutions
+1 831.338.7712
Key fingerprint = 588A 289C ADE2 08F9 050B  D2A0 DDA4 331D C61B DFD1