The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New Version of OpenSSL

Discussion in 'General Discussion' started by dmgens, Feb 1, 2010.

  1. dmgens

    dmgens Well-Known Member

    Joined:
    Dec 10, 2006
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    I need some information and haven't the slightest idea where to go to get it.

    I'm running a VPS WHM(11.24.2 - X 3.9)/cPanel(11.24.5-S38506) system using CENTOS 4.8. I would like to update the openssl package on it is now at openssl-0.9.7a-43.17.el4_6.1. The problem is that I am worried that installing an updated openssl would brake something. Has anyone tried this and what where the results?

    Thanks
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,480
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. dmgens

    dmgens Well-Known Member

    Joined:
    Dec 10, 2006
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Trying for more general audience

    Sorry I was trying for w more general audience. Thought that someone who hadn't fought the PCI thingy and wasn't too worried about system security might have some insight. Still trying to u[date openssl with out braking any thing

    Thanks.
     
  4. dmgens

    dmgens Well-Known Member

    Joined:
    Dec 10, 2006
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Thanks

    The problem is resolved w/o updating openSSL
     
  5. tom4487

    tom4487 Registered

    Joined:
    Feb 4, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    First, install libz, which can be downloaded from the OpenSSL site, if you don't already have it.

    Second, install openssl:

    ./config --prefix=/usr/local --openssldir=/usr/local/ssl
    make
    make test
    make install (as root)
    ./config shared --prefix=/usr/local --openssldir=/usr/local/ssl
    make clean
    make
    make install (as root)
    cd /usr/local/ssl/lib
    cp * /usr/lib

    To avoid getting the following error later when you compile OpenSSH:

    configure: error: Your OpenSSL headers do
    not match your library

    copy all the SSL include files everywhere:

    cd /home/tjnelson/openssl/openssl-*
    cd include/openssl
    cp * /usr/include
    cp * /usr/local/ssl/include
    cp * /usr/local/ssl/include/openssl

    and then add /usr/local/ssl/lib to /etc/ld.so.conf and type

    lcdonfig

    (as root). This is essential in avoiding "header not found" and "headers do not match your library" errors when you go trying to make OpenSSH.

    If the error persists, check config.log to find out what OpenSSH thinks is happening. Sometimes, the actual error has nothing to do with the error message. Or try these commands:

    cd /home/tjnelson/openssl/openssl-*/include/openssl
    cp * /usr/local/ssl/include
    cd /home/tjnelson/openssl/openssl-*
    cp lib* /usr/local/ssl/lib/
    cp lib* /usr/lib/
    ldconfig
    cd /home/tjnelson/openssl/openssl-*/include/openssl
    cp * /usr/include/
    cp * /usr/local/ssl/include/
    cp * /usr/local/ssl/include/openssl

    Sometimes, however, libssl complains about something called "pod2man" and refuses to install:

    No working pod2man found. Consider installing a new version.
    As a workaround, we'll use a bundled old copy of pod2man.pl.
    sh: util/pod2man.pl: No such file or directory

    In that case, you must install it manually:

    cp libssl.a /usr/local/ssl/lib/
    cp *.a /usr/local/ssl/lib/
    cp *.so* /usr/local/ssl/lib/
    cd include/openssl
    mkdir /usr/include/openssl/
    cp * /usr/include/openssl/
    cp * /usr/local/ssl/include/openssl/

    In many cases, if you upgrade OpenSSL you also have to rebuild OpenSSH, or you will get a message like:

    Starting SSH daemon
    OpenSSL version mismatch. Built against 907002,
    you have 90703f
    startproc: exit status of /usr/sbin/sshd: 255

    See below for the procedure.


    Probably this can help you in some or other ways.
    thankyou enjoy posting...
     
Loading...

Share This Page