'openssl', version '1.0.1e', is out of date, and possibly a security risk.

postcd · Nov 19, 2015

Hello,

i have CentOS 6.7 and cpanel on it.

from rkhunter i got this warning:

Warning: Application 'openssl', version '1.0.1e', is out of date, and possibly a security risk.

# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

WHM 11.52.0 (build 22)

How should i safely fix it while not reducing functionality & security of the SSL on the server?

cotswoldphoto · Nov 22, 2015

I would read this:

Rkhunter reports openssl warning

I tend to test my site using the SSL Server Test (Powered by Qualys SSL Labs) test suite, although I DO add my own custom Pre Main Include to alter the cipher suites, like this:

Home » Service Configuration » Apache Configuration » Include Editor » Pre Main Include » All versions

In the Global Box delete what is there and paste this:

Code:

SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

It is possible that this needs updating for newer standards (please advise me if it does), but it works for me.

cPanelMichael · Nov 23, 2015

Hello

There's a post about this at:

OpenSSL Heartbleed Bug (< 1.0.1g) - Encryption keys at risk

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
	Question about: cPhulk contains outdated country code IP lists after applying a major version updates to cPanel	Security	4	May 3, 2022
A	openssl version discrepancy	Security	4	Mar 25, 2022
B	NTP 482 NTP Version 2, private message	Security	1	May 3, 2021
N	SOLVED ModSecurity cPanel False Info on version 92.0.4?	Security	3	Dec 14, 2020
V	Apache TLS 1.0 support Cpanel 90 version	Security	2	Aug 18, 2020

Search

Search

'openssl', version '1.0.1e', is out of date, and possibly a security risk.

postcd

Well-Known Member

cotswoldphoto

Active Member

cPanelMichael

Administrator