Web Hosting Forum | Lunarpages

Author Topic: Upgrading OpenSSL on a cPanel server  (Read 10342 times)


  • Guest
Upgrading OpenSSL on a cPanel server
« on: September 12, 2006, 07:32:17 AM »

There is a security hole in the prior OpenSSL versions, so you can upgrade OpenSSL by doing the following set of commands in shell:

Code: [Select]
openssl version
Most should be 0.9.7a.  If you find a different version such as 0.9.8, please email dedicated@lunarpages.com to ask a system admin what to do.

Code: [Select]
mkdir /root/setup && cd /root/setup
wget http://www.openssl.org/source/openssl-0.9.7k.tar.gz
tar -xvzf openssl-0.9.7k.tar.gz
cd openssl*
make install

For ./config, make and make install commands, allow the command to process and complete prior to going onto the next command.

Code: [Select]
/etc/init.d/httpd stop
killall -9 httpd
/etc/init.d/httpd startssl

Browse to a secure page on the server to test other than cPanel or WHM (provided you have any secure pages using https).

Code: [Select]
vi /etc/yum.conf
Edit the exclude line to encompass openssl so it isnít overwritten by the old version by doing Esc+i keys:

Code: [Select]
exclude=mod_ssl* httpd* perl mysql* php* spamassassin* kernel* exim* courier* apache* openssl*
Your listing order might differ, the only important thing is basically adding the openssl* at the end of the exclude= line as the above example shows.  You wouldn't remove or add any other ones not already in the exclude line.

Save the file (:wq in vi).

If you have any issues arise, please let us know by sending a ticket to dedicated@lunarpages.com or by posting those questions here.

« Last Edit: June 15, 2007, 01:52:55 PM by Danielle »


Share |