On a linux 7.2 system, would it be easy to upgrade the current version of
OpenSSL to the most recent?
Are there any directions for this?
Thanks
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On 20 Mar 2003 at 11:34, Robert Lagana wrote:
>
> On a linux 7.2 system, would it be easy to upgrade the current version of
> OpenSSL to the most recent?
> Are there any directions for this?
>
> Thanks
linux 7.2 what? (RedHat, SuSE, etc.)
Aloha => Beau;
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
Linux 7.2 RedHat
Pentium
-----Original Message-----
From: beau@beaucox.com [mailto:beau@beaucox.com]
Sent: Thursday, March 20, 2003 11:45 AM
To: 'modssl-users@modssl.org'
Subject: Re: openssl upgrade
On 20 Mar 2003 at 11:34, Robert Lagana wrote:
>
> On a linux 7.2 system, would it be easy to upgrade the current version of
> OpenSSL to the most recent?
> Are there any directions for this?
>
> Thanks
linux 7.2 what? (RedHat, SuSE, etc.)
Aloha => Beau;
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
Beau,
The easiest way to upgrade is to simply install the latest
RPM for your distibution. These are free downloads and
can be easily obtained by going to www.redhat.com.
Here is something easier for you. Click on the link below
and simply download the patch for the appropriate OS:
https://rhn.redhat.com/errata/RHSA-2003-062.html
Download the package and then install it using the following
command:
rpm -Uvh [nameofpackage.rpm]
Enjoy :-)
============================================
Drew J. Como Phone: 631-434-6600
Systems Administrator Fax: 631-434-7800
dcomo@bascom.com Web: www.bascom.com
Bascom Global Internet Services, Inc.
--------------------------------------------
"When quality is the goal,
winning is guaranteed."
-----Original Message-----
From: owner-modssl-users@modssl.org
[mailto:owner-modssl-users@modssl.org]On Behalf Of Robert Lagana
Sent: Thursday, March 20, 2003 11:50 AM
To: 'modssl-users@modssl.org'
Subject: RE: openssl upgrade
Linux 7.2 RedHat
Pentium
-----Original Message-----
From: beau@beaucox.com [mailto:beau@beaucox.com]
Sent: Thursday, March 20, 2003 11:45 AM
To: 'modssl-users@modssl.org'
Subject: Re: openssl upgrade
On 20 Mar 2003 at 11:34, Robert Lagana wrote:
>
> On a linux 7.2 system, would it be easy to upgrade the current version of
> OpenSSL to the most recent?
> Are there any directions for this?
>
> Thanks
linux 7.2 what? (RedHat, SuSE, etc.)
Aloha => Beau;
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On 20 Mar 2003 at 11:50, Robert Lagana wrote:
> Linux 7.2 RedHat
> Pentium
>
> -----Original Message-----
> From: beau@beaucox.com [mailto:beau@beaucox.com]
> Sent: Thursday, March 20, 2003 11:45 AM
> To: 'modssl-users@modssl.org'
> Subject: Re: openssl upgrade
>
>
> On 20 Mar 2003 at 11:34, Robert Lagana wrote:
>
> >
> > On a linux 7.2 system, would it be easy to upgrade the current version of
> > OpenSSL to the most recent?
> > Are there any directions for this?
> >
> > Thanks
>
> linux 7.2 what? (RedHat, SuSE, etc.)
>
> Aloha => Beau;
>
Hi -
It should not be too hard (but I am not
using RedHat):
1) read http://www.openssl.org/support/faq.html
Note the RedHat sections.
2) download the latest (0.9.7a) to some dir
(I use something like /usr/local/src/openssl).
3) untar it and check its signature (see faq).
4) read the following in the expanded dir:
FAQ and INSTALL and/or INSTALL.whatever
5) make you choices and do a
./config --whatever=whatever \
...
make
make test
6) if OK, you have proved you can get
openssl compiled and tested from source.
7) now is the tricky part; examine your current
installed openssl, determine it's location,
and, if you are sure you know what's what,
remove it with rpm (man rpm if ?s). I assume
you can always revert to the RedHat version
by re-installing the 'official' RedHat
openssl rpm. (I hope you are doing this on
a test machine.)
8) make location changes (prefix=....) (if
necessary) and repeat from step 4.
9) make install and ldconfig.
10)test and, etc.
Aloha => Beau;
PS: please remember that every distro has it's
own quirks; you eventually will have to fight
through them on your own - and, yes, it gets
easier and easier as you install more and more
packages. Good luck!
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On Thu, 20 Mar 2003 beau@beaucox.com wrote:
[SNIP]
>
> It should not be too hard (but I am not
> using RedHat):
>
> 1) read http://www.openssl.org/support/faq.html
> Note the RedHat sections.
>
> 2) download the latest (0.9.7a) to some dir
> (I use something like /usr/local/src/openssl).
>
> 3) untar it and check its signature (see faq).
>
> 4) read the following in the expanded dir:
> FAQ and INSTALL and/or INSTALL.whatever
>
> 5) make you choices and do a
> ./config --whatever=whatever \
> ...
> make
> make test
>
> 6) if OK, you have proved you can get
> openssl compiled and tested from source.
>
> 7) now is the tricky part; examine your current
> installed openssl, determine it's location,
> and, if you are sure you know what's what,
> remove it with rpm (man rpm if ?s). I assume
> you can always revert to the RedHat version
> by re-installing the 'official' RedHat
> openssl rpm. (I hope you are doing this on
> a test machine.)
>
and get the sources and recompile all red-hat apps that rely upon openssl.
There are others on the list that might beable to document what those
applications are, but, I believe there are a few.
> 8) make location changes (prefix=....) (if
> necessary) and repeat from step 4.
>
> 9) make install and ldconfig.
>
> 10)test and, etc.
>
Thanks,
Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
On Thu, Mar 20, 2003 at 01:16:25PM -0500, R. DuFresne wrote:
> and get the sources and recompile all red-hat apps that rely upon openssl.
> There are others on the list that might beable to document what those
> applications are, but, I believe there are a few.
You can make that list by finding which version of libcrypto the default
openssl package installs:
nalin@blade:~> rpm -q --provides openssl | grep libcrypto
libcrypto.so.2
and then by checking which packages require that shared library:
nalin@blade:~> rpm -q --whatrequires libcrypto.so.2
Cheers,
Nalin
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
It really depends what you want.
1. You can stick with the Red Hat supplied packages to keep your machine up
to date. Registration with RHN is free (https://rhn.redhat.com), although
the demo accounts do get locked out under heavy. I recommend buying at least
one registration to get priority access. You'll need to run rhn_register on
each machine.
2. If you want the latest features (including patent restricted cyphers) you
can install openssl 0.9.7a alongside the openssl package (don't remove it).
Just don't overwrite /usr/bin/openssl. I haven't tried this with the latest
versions, but it worked fine with one of the betas.
I could make up some RPMs for the latest openssl version, but I've not had
any demand (or much time. I've spent most of the last three weeks trying to
rebuild an evil windoze server).
See the openssl FAQ for some more details.
-
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Blind,
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey@rnib.org.uk
A world of difference - in the UK, 37 million people put their faith on the
last census as "Christian". In Saudi Arabia, this answer would carry a death
sentence for any Saudi.
> -----Original Message-----
> From: Robert Lagana [mailto:Robert.Lagana@entrust.com]
> Sent: 20 March 2003 16:34
> To: 'modssl-users@modssl.org'
> Subject: openssl upgrade
>
>
>
> On a linux 7.2 system, would it be easy to upgrade the
> current version of
> OpenSSL to the most recent?
> Are there any directions for this?
>
> Thanks
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>
-
NOTICE: The information contained in this email and any attachments is
confidential and may be legally privileged. If you are not the
intended recipient you are hereby notified that you must not use,
disclose, distribute, copy, print or rely on this email's content. If
you are not the intended recipient, please notify the sender
immediately and then delete the email and any attachments from your
system.
RNIB has made strenuous efforts to ensure that emails and any
attachments generated by its staff are free from viruses. However, it
cannot accept any responsibility for any viruses which are
transmitted. We therefore recommend you scan all attachments.
Please note that the statements and views expressed in this email
and any attachments are those of the author and do not necessarily
represent those of RNIB.
RNIB Registered Charity Number: 226227
Website: http://www.rnib.org.uk
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org