Does librdkafka v2.8.0 require OpenSSL 3.0+? Build fails on older versions

[yoonhyunwoo]

Description

During compilation, a warning about the implicit declaration of the SSL_CTX_use_cert_and_key function is generated, causing the build to fail.
This issue occurs in the rdkafka_ssl.c file due to the use of the SSL_CTX_use_cert_and_key function, which seems to require a newer OpenSSL version than what is available on Ubuntu 16.04 (OpenSSL 1.0.2).

How to reproduce

1. Ensure OpenSSL 1.0.2 is installed on Ubuntu 16.04.
2. Attempt to build librdkafka with the following commands:

   ./configure && make

3. The following warning and build failure occurs:

    rdkafka_ssl.c: In function 'rd_kafka_ssl_set_certs':
    rdkafka_ssl.c:1533:21: warning: implicit declaration of function 'SSL_CTX_use_cert_and_key' [-Wimplicit-function-declaration]
                      r = SSL_CTX_use_cert_and_key(ctx, cert, pkey, ca, 1);
                          ^
   

---

Checklist

• librdkafka version (release number or git tag): v2.8.0
• Apache Kafka version: <replace with the version you are using>
• librdkafka client configuration: <replace with the configuration you are using>
• Operating system: Ubuntu 16.04
• Provide logs (with debug=.. as necessary) from librdkafka: <add relevant logs>
• Provide broker log excerpts: <add relevant logs>
• Critical issue

---

Question

The default OpenSSL version on Ubuntu 16.04 is 1.0.2, which does not seem to support the SSL_CTX_use_cert_and_key function. Since PR #3535, this function is required for librdkafka to build successfully.

Was this behavior intended?
The SSL_CTX_use_cert_and_key function appears to be available only in OpenSSL 3.0+, which might make it impossible to build librdkafka on systems with older OpenSSL versions (e.g., 1.0.2 on Ubuntu 16.04).

If this is intentional, should users upgrade to OpenSSL 3.0+ to build librdkafka? If not, would adding backward compatibility for older OpenSSL versions (e.g., 1.1.1) be considered?