Portal Home > Knowledgebase > Articles Database > the best way to update Openssl !!
the best way to update Openssl !!
| Posted by cannibal, 03-21-2008, 02:08 AM |
| hello,
what is the best way to upgrade Openssl
to the latest version
openssl-0.9.8g
in my cpanel server
openssl version
OpenSSL 0.9.7a Feb 19 2003
|
| Posted by phreek338, 03-21-2008, 03:18 AM |
| the best way to do that is to do it manually, download the source code from the official openssl site , compile it and install it. it will overwrite your current openssl version with the newest one
|
| Posted by cannibal, 03-21-2008, 03:32 AM |
| some command would help
I mean how can I install it from the ir's folder
|
| Posted by phreek338, 03-21-2008, 03:38 AM |
| well you can start by doing : wget
then tar xzf source_file.tar.gz
cd openssl*
./configure
make
make install
Those commands should help you figure out how to do it
|
| Posted by dexxtreme, 03-21-2008, 07:01 AM |
| What distro are you running? Sometimes it is not a good idea to stray away from the version that comes with your server. If you don't do it correctly you can end up with two versions of OpenSSL on your server in two different directories, and can cause issues later when compiling other software that uses OpenSSL (e.g., "Your OpenSSL headers do not match your library"). If your OS is not too old, it would probably be best to use whatever tools come with your distro (yum, up2date, etc.) to update it.
|
| Posted by applicurearun, 03-21-2008, 12:53 PM |
| If I'm correct in my understanding you don't want to update mod_ssl as that would break H-Sphere's apache.
I would try updating openssl via ports, yum/up2date; if that fails, then use the manual compile method.
What follows is the most current instructions for a manual compile / update:
cd /usr/local/src
rm -fR openssl-0.9.*
wget -N http://www.openssl.org/source/openssl-0.9.8g.tar.gz
gzip -d -c openssl-0.9.8g.tar.gz | gtar xvf -
cd openssl-0.9.8g
./config
make
make install
alias cp=cp
cp -f /usr/local/ssl/bin/openssl /usr/bin/openssl
cd /usr/local/include
mv openssl openssl.old
ln -s /usr/local/ssl/include/openssl openssl
Thank you.
|
| Posted by meat-man, 05-17-2011, 12:08 PM |
| I'm also wondering about how to do this but on a windows box running apache. I'm doing PCI compliance stuff and my scans keep coming back explaining weak ciphers etc due to the old version of OpenSSL ( 0.9.8c even though I've run the installer for 1.0.0d)
|
| Posted by diegocs, 06-10-2011, 06:43 PM |
| Have you checked if you really are running the latest version?
|
| Posted by virtualcomplete, 06-10-2011, 06:46 PM |
| Have you tried the Update Server Software link in Cpanel software section? You may also check to see what types of updates you are using in the tweak settings section.
|
| Posted by linux-techie, 06-10-2011, 10:01 PM |
| Openssl on cpanel should not be updated manually as it can break the entire cpanel.
I did try this one time but it didnt work
|
Add to Favourites 
Print this Article
Also Read
