Page MenuHomePhabricator

Very hard to use a openssl not in /usr
Open, Needs TriagePublic

Description

tools/cert_create and tools/encrypt_fw set OPENSSL_DIR := /usr, which means if openssl isn't in /usr it's non-trivial to set a different directory, for example in a Yocto cross environment where openssl-native is in the native sysroot.

I can't export OPENSSL_DIR, I can't pass OPENSSL_DIR to make (as it doesn't get passed down to the sub-make). The only solution is to edit the makefile directly.

Event Timeline

Hi @rossburton,

@ManishVB-Arm has posted a patch to address your issue, see https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/5119
Would you mind taking a look and letting us know whether it fixes the issue for you?

Regards,
Sandrine