HOWTO: Upgrading OpenSSL

I tried this guide but couldn't get it to work. Is there anywhere I can grab an rpm for a newer version of openssl? Fedora legacy has 0.9.6b :\
 
Is there any program I can run from the outside that will test (not ruin) my server for vulnerbilities? (I think that's spelled wrong.)
 
Hi all!

I'm running a fresh version of DirectAdmin v1.23.1 (installed by DA sales) under RHE 3.

I have upgraded openssl using the following commands:

Code:
cd /usr/src
wget http://www.openssl.org/source/openssl-0.9.7e.tar.gz
tar -xvzf openssl-0.9.7e.tar.gz
cd openssl-0.9.7e/

./config --prefix=/usr no-threads shared
make
make test
make install
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
ldconfig -v

rm -f /lib/libssl.so.4
ln -s /usr/local/ssl/lib/libssl.so.0.9.7 /lib/libssl.so.4
rm -f /usr/lib/libcrypto.so
ln -s /usr/local/ssl/lib/libcrypto.so.0.9.7 /usr/lib/libcrypto.so.0

Then I rebuilt Apache+mod_ssl using the following commands:
Code:
cd /usr/local/directadmin/customapache
rm -f configure.*
./build clean
./build update
./build all

Everything seems to run ok, except the fact that my phpinfo shows different versions of openssl. :eek:

1) Apache version: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7e PHP/4.3.9 mod_perl/1.29 FrontPage/5.0.2.2510

2) CURL information: libcurl/7.12.2 OpenSSL/0.9.7e zlib/1.2.1

3) OpenSSL Version: OpenSSL 0.9.7a Feb 19 2003


How can I make apache use the newly installed version of openssl? Did I forget to do anything else?

Any hint would be much appreciated. Thanks
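
Added example, not part of the post above and not DirectAdmin's own tooling: a small check that flags which components still report an older OpenSSL than the one just installed, run here over the three banners quoted in the post. The function names and the "label: banner" input format are assumptions made for this example.

```shell
#!/bin/sh
# Added example: detect OpenSSL version skew between components after an upgrade.

# Constructed sample input: the three banners quoted in the post,
# one "label: banner" pair per line.
sample_banners() {
cat <<'EOF'
Apache version: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7e PHP/4.3.9 mod_perl/1.29 FrontPage/5.0.2.2510
CURL information: libcurl/7.12.2 OpenSSL/0.9.7e zlib/1.2.1
OpenSSL Version: OpenSSL 0.9.7a Feb 19 2003
EOF
}

# Print "label|version" for every stdin line that carries an
# "OpenSSL/x.y.z" or "OpenSSL x.y.z" token after the label.
extract_versions() {
    sed -n 's#^\([^:]*\):.*OpenSSL[/ ]\([0-9][0-9A-Za-z.]*\).*#\1|\2#p'
}

# Print one line per component whose version differs from $1.
# Exit status: 0 = all match, 1 = at least one stale component,
# 2 = no OpenSSL banner found in the input at all.
stale_components() {
    expected=$1
    extract_versions | awk -F'|' -v want="$expected" '
        { seen++ }
        $2 != want {
            print $1 " reports OpenSSL " $2 " (expected " want ")"
            bad++
        }
        END {
            if (!seen) exit 2
            exit (bad ? 1 : 0)
        }'
}

# Stand-alone run against the sample: a non-zero status means a component
# is still built against, or loading, an older library.
sample_banners | stale_components 0.9.7e || echo "version skew detected"
```
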
 
This is a major issue, Directadmin, we need a fix ASAP for this. Also for all hosts: please don't forget to revoke all your certs and request new ones.
 
Note that the previous two posts use both YUM and RPM, both of which are only in RedHat-based (Red Hat, Fedora, CentOS) systems.

Jeff
 