Enabling ssl providers on language bindings

[csolamx]

Discussed in #4387

^{Originally posted by csolamx August 7, 2023}
Hello,

I am using librdkafka through confluent-kafka-dotnet. I need to implement a legacy ssl provider, so I am using

"SslProviders": "default,legacy"

However, I get the following exception:

rdkafka#consumer-18| [thrd:app]: error:12800067:DSO support routines::could not load the shared library: filename(C:\semaphore-agent\vcpkg\packages\openssl_x64-windows\bin\legacy.dll)

Failed to load OpenSSL provider "legacy": error:07880025:common libcrypto routines::reason(524325): name=legacy

I found a workaround here. I can't use it because I have no control on what can be installed on my dev environment or the servers. Is there some other way to enable legacy ssl providers on confluent-kafka-dotnet?

Regards

[emasab]

Hello the instructions are the same as for the FIPS provider. Documentation here. You need to set the OPENSSL_MODULES env variable to the folder that contains the legacy provider and optionally OPENSSL_CONF with openssl.cnf file location.

We need to add librdkafka specific documentation too.

[csolamx]

Thank you @emasab, I hadn't had the chance to test it but it worked as a charm.