awslabs / tough

Rust libraries and tools for using and generating TUF repositories


tuftool: Mention the requirement for openssl libs in the install docs

zmrow opened this issue · comments

commented

When attempting to cargo install tuftool on a fresh install of Ubuntu 20.04, the following error is thrown. The error message has a hint, but we should mention the dependency in the documentation.

The answer is to install libssl-dev on Ubuntu or openssl-devel on Fedora.

```
  run pkg_config fail: "`\"pkg-config\" \"--libs\" \"--cflags\" \"openssl\"` did not exit successfully: 
exit status: 1\nerror: could not find system library 'openssl' required by the 'openssl-sys' crate\n\n--- stderr

Package openssl was not found in the pkg-config search path.\nPerhaps you should add the directory containing `openssl.pc'
Into the PKG_CONFIG_PATH environment variable\nNo package 'openssl' found"  

--- stderr
  thread 'main' panicked at '  Could not find directory of OpenSSL installation, and this `-sys` crate cannot
  proceed without this knowledge. If OpenSSL is installed and this crate had
  trouble finding it,  you can set the `OPENSSL_DIR` environment variable for the
  compilation process.  

Make sure you also have the development packages of openssl installed.
  For example, `libssl-dev` on Ubuntu or `openssl-devel` on Fedora.
```

Is this still an issue after #569?

commented

> Is this still an issue after #569?

I'm not sure - the PR mentions there is still a dependency on openssl-probe. Will need to look at the dependencies for that crate.

commented

This is still an issue - just attempted this on a fresh install of Ubuntu 20.04 with the latest Rust and build-essential installed.

Can we get rid of the openssl-probe dependency if we're not actually linking to openssl? Seems weird to install a devel package with no runtime dependency.

I can investigate this since openssl-probe is a dependency of rustls-native-certs, which exists in the rustls dependency chain and seems to be a leftover of #569.

> When attempting to cargo install tuftool on a fresh install of Ubuntu 20.04

Note that the `cargo install tuftool` command will install the latest tuftool package from crates.io: this was last published in October of 2022. So this doesn't yet have my changes which remove the openssl Rust code dependencies.

However.

tuftool (unfortunately) shells out to openssl on the system since ring (which is used by rustls) does not yet support RSA key generation:

tough/tuftool/src/root.rs

Lines 274 to 280 in 965fddc

```rust
// ring doesn't support RSA key generation yet
// https://github.com/briansmith/ring/issues/219
let mut command = std::process::Command::new("openssl");
command.args(["genpkey", "-algorithm", "RSA", "-pkeyopt"]);
command.arg(format!("rsa_keygen_bits:{bits}"));
command.arg("-pkeyopt");
command.arg(format!("rsa_keygen_pubexp:{exponent}"));
```

Therefore, we should still document the system dependency on openssl. #569 only removed Rust code dependencies on openssl (mostly in reqwest). All that openssl-probe is doing is checking and loading well-known openssl certificate locations on the filesystem in order to use the system's existing certificate chain in rustls. This doesn't require openssl as a dependency.


@zmrow - what results do you get when you attempt the following? This should attempt to use the latest changes without the openssl code dependencies.

```
cargo install --git https://github.com/awslabs/tough --branch develop tuftool
```
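A preflight check for the runtime dependency discussed in this thread, as an added example that is not code from tough or tuftool: it probes for the `openssl` binary before the `genpkey` call and turns a missing tool into an actionable error. The function names `preflight` and `genpkey_args` and the sample values 2048 and 65537 are assumptions made for illustration.

```rust
// Added example, not tuftool's code. Function names are hypothetical.
use std::io::ErrorKind;
use std::process::{Command, Stdio};

/// Arguments for `openssl genpkey`, in the same order as the snippet quoted in the thread.
pub fn genpkey_args(bits: u32, exponent: u32) -> Vec<String> {
    vec![
        "genpkey".into(),
        "-algorithm".into(),
        "RSA".into(),
        "-pkeyopt".into(),
        format!("rsa_keygen_bits:{bits}"),
        "-pkeyopt".into(),
        format!("rsa_keygen_pubexp:{exponent}"),
    ]
}

/// Run `<program> version` and return the first line it prints, or an
/// error message that names the missing runtime dependency.
pub fn preflight(program: &str) -> Result<String, String> {
    let out = Command::new(program)
        .arg("version")
        .stdin(Stdio::null())
        .output()
        .map_err(|e| match e.kind() {
            ErrorKind::NotFound => format!(
                "`{program}` was not found on PATH; RSA key generation needs the openssl command-line tool"
            ),
            _ => format!("could not run `{program}`: {e}"),
        })?;
    if !out.status.success() {
        return Err(format!("`{program} version` exited with {}", out.status));
    }
    let text = String::from_utf8_lossy(&out.stdout);
    Ok(text.lines().next().unwrap_or("").trim().to_string())
}

fn main() {
    // 2048 and 65537 are constructed sample values, not defaults taken from the page.
    match preflight("openssl") {
        Ok(version) => {
            println!("found: {version}");
            println!("would run: openssl {}", genpkey_args(2048, 65537).join(" "));
        }
        Err(msg) => eprintln!("error: {msg}"),
    }
}
```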