Re: Forcing openssl version 1.0.1m

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Look at the first entry in the error log when you restart Apache.  It should 
show the version of OpenSSL and whether it started properly.

John
========================================
On Wednesday 06 May 2015 12:17:48 Daryl Rose wrote:
> Do to security vulnerabilities with OpenSSL, I've had to recompile
> Apache 2.4.12 with OpenSSL version 1.0.1.m. The team that controls the
> web servers doesn't want me to install into the same installation
> directory, but rather into a separate directory.  They then copy config
> files and whatever they need into the new installation and then start
> Apache from there. I compiled from source on a separate server, then
> created a tarball which I dropped onto the actual web servers. The
> first time that I did this, I did a "curl --head http://localhost"; to
> verify the OpenSSL version.  I got back that the OpenSSL version was
> still 1.0.1j.  So, I recompiled, verified on the server that I used to
> compile on and verified that OpenSSL 1.0.1m was what was compiled into
> Apache.  I then tarballed everything up, copied it over to the web
> servers, dropped into place and turned over to the internet team.  I
> was just informed that OpenSSL is still pointed to 1.0.1j. The only
> thing that I can think of is that the internet team must have something
> in a config file somewhere that is actually calling OpenSSL  1.0.1j. 
> Can that be possible?  Other than doing a "curl --head
> http://localhost";, how can I tell what version of OpenSSL is being
> used? Thanks
> Daryl

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux