The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problems with OpenSSL and Curl

Discussion in 'EasyApache' started by mcpacific, May 23, 2016.

Tags:
  1. mcpacific

    mcpacific Member

    Joined:
    May 3, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Los Angeles, CA
    cPanel Access Level:
    Root Administrator
    I recently moved to a new server. After using Easy Apache 3 to compile php, etc. I get the following warning in a security checkup for software I use:

    Secure TLS Support in cURL
    cURL reports that it does not support Secure TLS 1.1 and 1.2. Make sure an SSL library that support TLS 1.1 and 1.2 is installed and supported by cURL.

    When I view phpinfo() I see that OpenSSL shows OpenSSL/1.0.0, even though when I rpm -qa | grep openssl I get

    openssl-1.0.1e-42.el6_7.4.x86_64
    openssl-devel-1.0.1e-42.el6_7.4.x86_64

    yum update openssl reports "No packages marked for Update"

    Similarly, when I rpm -qa | grep curl I get

    python-pycurl-7.19.0-8.el6.x86_64
    curl-7.19.7-46.el6.x86_64
    libcurl-7.19.7-46.el6.x86_64

    and yum update curl gives "No packages marked for Update"

    I just tried rebuilding my profile in Easy Apache 3 and I got a build failure.
     
  2. mcpacific

    mcpacific Member

    Joined:
    May 3, 2015
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Los Angeles, CA
    cPanel Access Level:
    Root Administrator
    I should add the report after Easy Apache 3 build fails:

    !!
    Here are some details that may be helpful: !! '/opt/pcre' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/pcre' so that it will be rebuilt fresh. !! !! '/opt/xml2/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/xml2/' so that it will be rebuilt fresh. !! !! '/opt/lua/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/lua/' so that it will be rebuilt fresh. !! !! '/opt/pcre' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/pcre' so that it will be rebuilt fresh. !! !! '/opt/curlssl/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/curlssl/' so that it will be rebuilt fresh. !! !! '/opt/curlssl/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/curlssl/' so that it will be rebuilt fresh. !! !! '/opt/php_with_imap_client/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/php_with_imap_client/' so that it will be rebuilt fresh. !! !! '/opt/libmcrypt/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/libmcrypt/' so that it will be rebuilt fresh. !! !! '/opt/xml2/' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/xml2/' so that it will be rebuilt fresh. !! !! '/opt/pcre' is up to date but looks like it has local modifications. If you experience any trouble remove '/opt/pcre' so that it will be rebuilt fresh. !! !!
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,700
    Likes Received:
    1,139
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you try moving those directories out of /opt and then rebuilding Apache via EasyApache to see if the issue persists? Here's an example, but you should do this for all of the directories listed in the output from your last response:

    Code:
    mkdir /root/old-opt
    mv /opt/curlssl /root/old-opt/
    Thank you.
     
  4. supportmwm

    supportmwm Registered

    Joined:
    May 21, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi @cPanelMichael

    I have run into the same problem as above user - my curl version of OS (Centos 6.8) shows latest version of OpenSSL however the php compiled version of curl shows openssl 1.0.0 - although I am not getting any errors while running easyapache3. Do you know if above method would resolve issue in this case?

    Thanks
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    35,700
    Likes Received:
    1,139
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    You could utilize a custom cURL version compiled against the system's OpenSSL version on EasyApache 3 using the instructions on the following thread:

    cURL with AsynchDNS

    Thank you.
     
Loading...

Share This Page