update OpenSSL 1.0.2k-fips to openssl 1.1.1

rahman051

rahman051

Verified User
Joined
Sep 19, 2019
Messages
21
Hello
This version is installed on all servers :
OpenSSL 1.0.2k-fips 26 Jan 2017

How to update it to the new version :

Downloads

The master sources are maintained in our git repository, which is accessible over the network and cloned on GitHub, at https://github.com/openssl/openssl. Bugs and pull patches (issues and pull requests) should be filed on the GitHub repo. Please familiarize yourself with the license. The table...
www.openssl.org www.openssl.org

Apache HTTP Server version 2.4.43 or newer is required in order to operate a TLS 1.3 web server with OpenSSL 1.1.1.
Click to expand...


Is this update correct?

Code: 
yum -y install openssl openssl-devel perl-core zlib-devel
cd /usr/local/
wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz
tar xzf openssl-1.1.1g.tar.gz
./config --prefix=/usr no-threads shared
make
make install
openssl version

AND :

Code: 
cd /usr/local/directadmin/custombuild
./build update
./build set ssl_configuration intermediate
./build apache
./build php
./build rewrite_confs

After updating, many services still display the previous version, such as :
named -V
,....

linked to OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017

Should the files be linked in a way that all services use the new version ?

Please help to update
 

Attachments

  • screenshot_20200812_033502.png
    screenshot_20200812_033502.png
    2.4 KB · Views: 21
  • screenshot_20200812_033641.png
    screenshot_20200812_033641.png
    3.5 KB · Views: 20
  • screenshot_20200812_033700.png
    screenshot_20200812_033700.png
    26.2 KB · Views: 20
  • screenshot_20200812_032930.png
    screenshot_20200812_032930.png
    2.9 KB · Views: 21
  • screenshot_20200812_033543.png
    screenshot_20200812_033543.png
    45.5 KB · Views: 18
Last edited:
don't upgrade using source code... unless you know what are you doing.
you may break your server.

the best way to upgrade is by your package manager
yum/apt

and don't forget to recomple everything with new version of openssl
 
ben29 said:
don't upgrade using source code... unless you know what are you doing.
you may break your server.

the best way to upgrade is by your package manager
yum/apt

and don't forget to recomple everything with new version of openssl
Click to expand...
Thanks for your reply
We have to find the right solution
With yum/apt Unable to update
There is an update only in the Centos 8 version
We want to do it in the previous version " Centos 7"

Help if there is a solution
 
rahman051 said:
Thanks for your reply
We have to find the right solution
With yum/apt Unable to update
There is an update only in the Centos 8 version
We want to do it in the previous version " Centos 7"

Help if there is a solution
Click to expand...

if you running

Code: 
yum update openssl\*

and there is no update...you good to go.

you can always upgrade to last version with compile the openssl.

but be careful about that
 
You must log in or register to reply here.
Back
Top