OpenSSL question re: EasyApache 4 Nov 20 Release

ciao70 · Nov 20, 2019

Hello,

Upgrade auto from Openssl 1.0.2 to 1.1.1?

Nirjonadda · Nov 20, 2019

@cPanelPhilH How to Upgrade to OpenSSL 1.1.1 from OpenSSL 1.0.2t?

vacancy · Nov 21, 2019

I did the manual setup by activating the experimental repository but it was not active.

Bash:

Installed Packages
ea-openssl.x86_64                                      1.0.2t-1.1.1.cpanel                          @EA4
ea-openssl11.x86_64                                    1.1.1d-1.1.1.cpanel                          @EA4

Bash:

Server Version: Apache/2.4.41 (cPanel) OpenSSL/1.0.2t mod_bwlimited/1.4

Version.1.1.1 does not work because openssl 1.0.2 is active on the operating system side.

Bash:

[[email protected] ~]# openssl version
OpenSSL 1.0.2k-fips  26 Jan 2017

cPanelLauren · Nov 21, 2019

Hey guys,

In yesterday’s EA4 release, we included some binaries for OpenSSL 1.1.1. These binaries are intended to be used with our experimental version of NGINX which is slated for update on Monday. This implementation of OpenSSL 1.1.1 is for NGINX use only at this time, however, we will be putting out a call for early beta testers to use PHP and Apache built against OpenSSL 1.1.1 soon.

Our Apache/PHP is not built against this version of OpenSSL yet and won't be until the beta test of it is complete. I'm sorry for any confusion.

Thanks!

Nirjonadda · Nov 21, 2019

cPanelLauren said:
Hey guys,

In yesterday’s EA4 release, we included some binaries for OpenSSL 1.1.1. These binaries are intended to be used with our experimental version of NGINX which is slated for update on Monday. This implementation of OpenSSL 1.1.1 is for NGINX use only at this time, however, we will be putting out a call for early beta testers to use PHP and Apache built against OpenSSL 1.1.1 soon.

Our Apache/PHP is not built against this version of OpenSSL yet and won't be until the beta test of it is complete. I'm sorry for any confusion.

Thanks!

Do you have any plan about when NGINX wiil be Stable and add support for without Limitations?

Limitations: If one of your domains matches a proxy domain, the system will warn you that it will ignore conflicting duplicate entries. This conflict may result in unexpected behavior.

Warning:

When you use Nginx, your ModSecurity™ rules will not apply.
Any restrictions set in an .htaccess file will not apply. For example, if you password-protected a directory, the protection will not work.
If you create an alias, make certain that your path's location ends with a trailing slash (/). If your path does not end with a /, then your path is vulnerable to a path traversal exploit.
For more information, read the Nginx Security Advisories documentation.

Thread starter	Similar threads	Forum	Replies	Date
S	Openssl 1.1.1e bug creating lots of errors...	Web Servers and Applications	1	Apr 2, 2020
R	OpenSSL errors in php scripts after upgrade to 86.0.17	Web Servers and Applications	14	Apr 2, 2020
N	OpenSSL v1.0.2u used?	Web Servers and Applications	3	Feb 26, 2020
D	can not find some of te php7.3 extensions like json and openssl	Web Servers and Applications	3	Jan 2, 2020
N	Issue with openssl version after update	Web Servers and Applications	6	Sep 13, 2017

Search

Search

OpenSSL question re: EasyApache 4 Nov 20 Release

ciao70

Well-Known Member

Nirjonadda

Well-Known Member

vacancy

Well-Known Member

cPanelLauren

Product Owner

Nirjonadda

Well-Known Member