The Best Way To Update Openssl
Mar 21, 2008what is the best way to upgrade Openssl
to the latest version
openssl-0.9.8g
in my cpanel server
openssl version
OpenSSL 0.9.7a Feb 19 2003
what is the best way to upgrade Openssl
to the latest version
openssl-0.9.8g
in my cpanel server
openssl version
OpenSSL 0.9.7a Feb 19 2003
RHEL4 Box
No Control Panel
Current Version of OpenSSL = OpenSSL 0.9.7a Feb 19 2003
which is the most current version available via 'up2date'.
Need to update to 0.9.8.
I have download the source for 0.9.8h and have:
#./config --prefix=/usr/local --openssldir=/usr/local/openssl
#make
#make test
#make install
All commands ran without errors.
When I run:
# openssl version
OpenSSL 0.9.7a Feb 19 2003
# whereis openssl
openssl: /usr/bin/openssl /usr/local/bin/openssl /usr/include/openssl /usr/local/openssl /usr/share/man/man1/openssl.1ssl.gz
# rpm -qa | grep openssl
openssl-devel-0.9.7a-43.17.el4_6.1
openssl-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
openssl096b-0.9.6b-22.46
How can I get the version updated?
we need to upgrade the openssl modules, we have apache 2.2 installed and openssl version is 1.0.0,apache and openssl are in solaris9 SPARC.
View 4 Replies View RelatedI might still be a bit too close to the newbie level to be trying this
but I wanted upgrade various components of my cpanel install for security issues.
So I got openssl to update to 0.9.8g and that seemed to be working correctly.
Quote:
openssl version
OpenSSL 0.9.8g 19 Oct 2007
So now I am trying to build PHP 4.4.8 like this:
Quote:
./configure --with-litespeed --with-config-file-path=../php --with-mysql=/usr --with-zlib --with-zlib-dir=.. --with-gd --with-jpeg-dir=.. --with-png-dir=.. --enable-shmop --enable-track-vars --enable-sockets --enable-sysvsem --enable-sysvshm --enable-magic-quotes --with-openssl
And it fails because of the openssl:
Quote:
Make
...
In function `zif_openssl_seal':
/php-4.4.8/ext/openssl/openssl.c:2885: undefined reference to `EVP_CIPHER_CTX_block_size'
collect2: ld returned 1 exit status
(I tried --with-openssl=/usr with no change)
Do you have plans for building Apache 2.4 with OpenSSL 1.0.2? One good reason for upgrading Apache to OpenSSL to 1.0.2 would be the ability to disable TLS session tickets, eq. when using PFS:
Code : SSLOpenSSLConfCmd Options -SessionTicket
Here are a few references:
[URL] ....
[URL] ....
I tried to experiment with replacing OpenSSL dlls and exe in apachein directory but that did not work, because it looks like SSLOpenSSLConfCmd configuration directive is only available when Apache is compiled against OpenSSL 1.0.2.
Currently I am using Apache 2.4.9 OpenSSL 1.0.1g (VC10), want to migrate openSSL 1.0.1h to resolve the vulnerability issue.is there way to migrate openssl alone in my existing apache build ?
View 9 Replies View Relatedso I got OpenSSL 0.9.8k up and installed, no issued:
Quote:
# openssl
OpenSSL> version
OpenSSL 0.9.8k 25 Mar 2009
OpenSSL>
Rebuilt cURL (and then php), httpd and proftpd but all of them are still linking to the older libraries for some reason
Quote:
# curl -V
curl 7.19.4 (x86_64-unknown-linux-gnu) libcurl/7.19.4 OpenSSL/0.9.8g zlib/1.2.3
Protocols: tftp ftp telnet dict ldap http https ftps
Features: IPv6 Largefile NTLM SSL libz
Quote:
[Tue Apr 14 00:11:03 2009] [notice] Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8g DAV/2 PHP/5.2.9 Apache configured -- resuming normal operations
Quote:
Starting proftpd: - mod_tls/2.2.1: compiled using OpenSSL version 'OpenSSL 0.9.8i 15 Sep 2008' headers, but linked to OpenSSL version 'OpenSSL 0.9.8g 19 Oct 2007' library
proftpd has its own set of issues obviously built with i headers and linked to g headers. Any ideas wtf I did? I recomplined and restarted everything. I removed the g and i libraries completely. OpenSSH seems happy and nothing is actually "wrong", the server is working fine but I'm really anal retentive this way...it's kinda how I feel "safer" at the OS level.
Last week I have updated the apache from 2.4.6 to 2.4.9 version in Win 2008, 64-bit server. There was no openSSL and update was successful. Later I did the update in QA with openSSL and again the updte was successfully completed. Apache services was running fine and everything looked nice.
When I did the same update in the prd where openSSL is also there, it failed to start the service.
steps to update the apache from 2.4.6 to 2.4.9
----------------------------------------------
1> stop the apache services
2> Take the backup by copying original Apache installation directory and rename it . (eg I:Program Files (x86)Apache Software FoundationApache2.2 to Apache2.2_old)
3> Unzip the latest binaries to the temp directory
4> Copy the following files apachebin , apachemodules to the Apache Inst Directory ( I:Program Files (x86)Apache Software FoundationApache2.2)
5> start the apache service
----------------------------------------------------
QA and PRD both has enabled openSSL but it was prd where we got the issue , and the apache services couldnt be started. We have had to revert the change. Find the error log in the apache directory
--------------------------
[Tue Jun 24 21:12:12.665632 2014] [ssl:emerg] [pid 3336:tid 320] AH02561: Failed to configure certificate
RGWEB58V.brotherdc.eu:443:0, check G:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/server.crt
[Tue Jun 24 21:12:12.665632 2014] [ssl:emerg] [pid 3336:tid 320] SSL Library Error: error:0906D06C:PEM
routines:PEM_read_bio:no start line (Expecting: CERTIFICATE) -- Bad file contents or format - or even just a
forgotten SSLCertificateKeyFile? [Tue Jun 24 21:12:12.665632 2014] [ssl:emerg] [pid 3336:tid 320] SSL Library Error: error:140AD009:SSL
routines:SSL_CTX_use_certificate_file:PEM lib
---------------------------------------
I read somewhere that there is bug in 2.4.9 as this version breaks the openSSL.
Also read on this forum that someone resolved the issu by changing the server certificate from DER to PEM.
I'm trying to connect to the server via SFTP but when I check the box to do that in Total Commanders settings box it says I need the OpenSSL dll's. I downloaded the must current file from [url] but I can't find any dll files in it and I'm unsure how to proceed.
View 1 Replies View Relatedc:Apache24bin>openssl.exe
WARNING: can't open config file: c:/openssl-1.0.1e-X64/ssl/openssl.cnf
OpenSSL>
I'm getting the below error message when trying to perform "configtest" after upgrading apache to 2.4.12 version with success.
/home/apache/bin/httpd: symbol lookup error: /home/apache/bin/httpd: undefined symbol: SSL_CONF_CTX_new
Note: I received the error after recently upgrading my openssl to 1.0.2.
Just wonder how to get rid of the error message.
Running on Ubuntu Server 12.04.05 LTS 32bit.
We're having problems with the Roundcube webmail spell check, and upon checking the log we get the error 'Unable to find the socket transport SSL'. From what I can find out this is normally due to Open SSL not being enabled, but it is, you can check our php config here.
View 3 Replies View RelatedI get the following error, when I run 'yum update':
Quote:
[root@moloko ~]# yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* atomic: www2.atomicorp.com
* base: mirrors.usc.edu
* updates: mirrors.serveraxis.net
* addons: styx.biochem.wfubmc.edu
* extras: mirrors.gigenet.com
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package file.i386 0:4.17-15.el5_3.1 set to be updated
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 145, in main
(result, resultmsgs) = base.buildTransaction()
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 647, in buildTransaction
(rescode, restring) = self.resolveDeps()
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 704, in resolveDeps
for po, dep in self._checkFileRequires():
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 939, in _checkFileRequires
if not self.tsInfo.getOldProvides(filename) and not self.tsInfo.getNewProvides(filename):
File "/usr/lib/python2.4/site-packages/yum/transactioninfo.py", line 414, in getNewProvides
for pkg, hits in self.pkgSack.getProvides(name, flag, version).iteritems():
File "/usr/lib/python2.4/site-packages/yum/packageSack.py", line 300, in getProvides
return self._computeAggregateDictResult("getProvides", name, flags, version)
File "/usr/lib/python2.4/site-packages/yum/packageSack.py", line 470, in _computeAggregateDictResult
sackResult = apply(method, args)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 861, in getProvides
return self._search("provides", name, flags, version)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 43, in newFunc
return func(*args, **kwargs)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 837, in _search
for pkg in self.searchFiles(name, strict=True):
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 43, in newFunc
return func(*args, **kwargs)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 586, in searchFiles
self._sql_pkgKey2po(rep, cur, pkgs)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 470, in _sql_pkgKey2po
pkg = self._packageByKey(repo, ob['pkgKey'])
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 413, in _packageByKey
po = self.pc(repo, cur.fetchone())
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 68, in __init__
self._read_db_obj(db_obj)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 94, in _read_db_obj
setattr(self, item, _share_data(db_obj[item]))
TypeError: unsubscriptable object
I have two packages in Centos 5.3 that refuse to update via YUM. Coreutils and Findutils.
coreutils.i386 0:5.97-19.el5
findutils.i386 1:4.2.27-5.el5
The error code returned is:
error: unpacking of archive failed on file /usr/bin/find: cpio: rename
error: unpacking of archive failed on file /bin/ls: cpio: rename
I checked that the files are not immutable via chattr and that I am logged in as root. The directory is also writeable.
I can't remove them or change their permissions.
Any idea on how to force an upgrade? I checked with the support at Cpanel but they had no idea how to fix it and were less than helpful.
root@server[~]# yum install fileutils
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* extras: mirror.fdcservers.net
* updates: mirror.fdcservers.net
* base: pubmirrors.reflected.net
* addons: chi-10g-1-mirror.fastsoft.net
Excluding Packages in global exclude list
Finished
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package coreutils.i386 0:5.97-19.el5 set to be updated
--> Processing Dependency: findutils for package: coreutils
--> Running transaction check
---> Package findutils.i386 1:4.2.27-5.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved ...
I am researching how to upgrade my server, I have already tested #yum update and seen all the patches and upgrades that could be made for my server. My question is that by upgrading all these (mysql, php, etc) do i need to backup all my mysql databases or should the upgrade not affect my databases?
View 1 Replies View RelatedI just did yum update and got this error:
There are unfinished transactions remaining. You mightconsider running yum-complete-transaction first to finish them.
how can i update my host files on my 2nd server
running as ns2 when i change something on the ns1 server?
using BIND DNS, centos, webmin.
Did anyone have this problem when upgrade to PHP 5.2.8?
This is the error that i got when i upgrade from PHP 5.2.6 to 5.2.8.
"Failed loading C:PHP5ioncubeioncube_loader_win_5.2.dll PHP Warning: PHP Startup: Unable to load dynamic library './ext/php_mssql.dll' - The specified module could not be found. in Unknown on line 0 PHP Warning: PHP Startup: Unable to load dynamic library './ext/php_msql.dll' - The specified module could not be found. in Unknown on line 0 "
I don't have Ioncube install and when i upgrade from PHP 5.2.5 to 5.2.6. I didn't have the above problem. Is Ioncube a included .dll in for the Windows package? How do i fix the above error? Is there any problem with PHP 5.2.8? Is it stable?
My server is Win2003 Standard/IIS6.
i installed APF ( firewall ) in my dediated server 2 years ago. i want to update my APF to new version,
Current Version : APF version 0.9.6
how to update to last version?
I tried to update packages by yum and got this message:
Error: djbdns-localcache conflicts with bind
I installed QmailToaster from this url:
[url]
and I replaced bind with djbdns-localcache*.rpm.
Seems it causes the problem.
What should I do now?
I'm trying to update my vps box using centos distro.
but i got this error.
Code:
---> Package libgcc.i386 0:3.4.6-8 set to be updated
--> Running transaction check
--> Processing Dependency: glibc-common = 2.3.4-2.25 for package: glibc-dummy-centos-4
--> Processing Dependency: libcap.so.1 for package: nscd
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for libcap to pack into transaction set.
libcap-1.10-20.i386.rpm 100% |=========================| 4.4 kB 00:00
---> Package libcap.i386 0:1.10-20 set to be updated
--> Running transaction check
--> Processing Dependency: glibc-common = 2.3.4-2.25 for package: glibc-dummy-centos-4
--> Finished Dependency Resolution
Error: Missing Dependency: glibc-common = 2.3.4-2.25 is needed by package glibc-dummy-centos-4
running centos 4.4.
Current, 2.6.3 came with my centos 4.4 cpanel server, I tried updating it to latest 2.6.9. However, when I type "rsync" it's pointing to 2.6.3 How can I remove the old version or reinstall over it?
View 8 Replies View RelatedLast night my server was updated to Centos 5.4 via yum update command.
Is it recommended to restart the server after this update or it is fine to let it run ?
.. there is also Cpanel on it,
Recently one customer asked if he could upload his MySql database to subfolder in his root and have MySql pick it up from there instead from default location.
This sounds crazy, but request is legitimate, and I was wondering what could be done to enable this user update MySql db this way, or what would be the closest alternative?
can i upgrade my kernel?
yum cant find any new update but my kernel version is 2.6.18-128.1.1.el5.028stab062.3PAE
Whenever I try to run yum update on Cent OS I get this error:
---> Package udev.i386 0:095-14.20.el5_3 set to be updated
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 229, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 145, in main
(result, resultmsgs) = base.buildTransaction()
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 647, in buildTransaction
(rescode, restring) = self.resolveDeps()
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 704, in resolveDeps
for po, dep in self._checkFileRequires():
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 939, in _checkFileRequires
if not self.tsInfo.getOldProvides(filename) and not self.tsInfo.getNewProvides(filename):
File "/usr/lib/python2.4/site-packages/yum/transactioninfo.py", line 414, in getNewProvides
for pkg, hits in self.pkgSack.getProvides(name, flag, version).iteritems():
File "/usr/lib/python2.4/site-packages/yum/packageSack.py", line 300, in getProvides
return self._computeAggregateDictResult("getProvides", name, flags, version)
File "/usr/lib/python2.4/site-packages/yum/packageSack.py", line 470, in _computeAggregateDictResult
sackResult = apply(method, args)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 861, in getProvides
return self._search("provides", name, flags, version)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 43, in newFunc
return func(*args, **kwargs)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 837, in _search
for pkg in self.searchFiles(name, strict=True):
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 43, in newFunc
return func(*args, **kwargs)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 586, in searchFiles
self._sql_pkgKey2po(rep, cur, pkgs)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 470, in _sql_pkgKey2po
pkg = self._packageByKey(repo, ob['pkgKey'])
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 413, in _packageByKey
po = self.pc(repo, cur.fetchone())
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 68, in __init__
self._read_db_obj(db_obj)
File "/usr/lib/python2.4/site-packages/yum/sqlitesack.py", line 94, in _read_db_obj
setattr(self, item, _share_data(db_obj[item]))
TypeError: unsubscriptable object
[root@liquidwind jeeves]#
i enable Mbstrings and Soap in easyapache in Cpanel.
after 24 hours i restart my server and some things get eror.
tmp folder become read only.
easy apache give below eror :
Code:
Died at /var/cpanel/perl/easy/Cpanel/Easy/Utils/BackGround.pm line 40.
and all site have eror for tmp and mysql.
i change tmp folder but some eror don't solved.
Code:
Can't create/write to file '/tmp/#sql_1f42_0.MYI' (Errcode: 30) SQL=SELECT m.*, sum(case when p.published=1 then 1 else 0 end) as cnt FROM jos_menu AS m LEFT JOIN jos_menu AS p ON p.parent = m.id WHERE m.menutype='mainmenu' AND m.published='1' AND m.access <= '0' GROUP BY m.id ORDER BY m.parent, m.ordering
Warning: Invalid argument supplied for foreach() in /home/music/public_html/modules/mod_tpmenu/tpmenu/dropdown/menu.php on line 127
Warning: array_key_exists() [function.array-key-exists]: The second argument should be either an array or an object in /home/music/public_html/modules/mod_tpmenu/tpmenu/dropdown/menu.php on line 150
this is mount command :
Code:
/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw,usrquota)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sda1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
/usr/tmpDSK on /tmp type ext3 (rw,noexec,nosuid,loop=/dev/loop0)
and this is fstabs :
Code:
/dev/VolGroup00/LogVol00 / ext3 defaults,usrquota 1 1
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
/usr/tmpDSK /tmp ext3 defaults,noauto 0 0
I have following error in kernel update with yum:
Downloading Packages:
Running rpm_check_debug
ERROR with rpm_check_debug vs depsolve:
Package kernel conflicts with ecryptfs-utils < 44.
Complete!
So kernel not updated yet.