I saw, there is a new OpenSSL v 1.0.0 and I wanna ask how to install it. I have this server now Apache/2.2.14 (Ubuntu) PHP/5.2.10-2ubuntu6.4 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k
And I try to install by reading the Install file in the package but I still have 0.9.8k.
$ ./config
$ make
$ make test
$ make install
I need to run a proprietary VPN client (Aventail) that can't use the openssl libraries that are packaged with 64bit F10:The Fedora openssl package does something differently from the original openssl.org package that makes it incompatible with Aventail (see bugzilla ticket 477073) I also believe the Aventail client software requires 32-bit libraries. So, I've determined I need to install 32bit openssl directly from openssl.org, then link my Aventail client to that. Note that I don't want to replace the 64bit openssl libraries currently on my system.
Based on the Bugzilla ticket, I believe I know how to hook up Aventail before I install it simply by supplying a few specific soft links if I can make/compile/whatever the 32bit openssl.org libraries and keep them in their own isolated directory. how to get the 32bit openssl libraries installed in a little corner by themselves on my 64bit system. give a step-by-step on on the commands necessary to place a 32bit version of openssl all by itself in a directory of my choosing?
I'd like to upgrade libssl to 0.9.8l version on my Lucid-based server, because of CVE-2009-3555 - they say that 0.9.8l disables SSL renegotiation, fixing the security issue. But there is no 0.9.8l in Ubuntu repositories - only 0.9.8k-7 is available. how can I upgrade this library? BTW. it is really strange why such significant security fix is not available in Ubuntu repositories. why it is not available?
View 9 Replies View RelatedI find my self abit stuck upgrading OpenSSL to the latest version. The situation is that i've been running LAMP servers just fine by installing the web services from the repositories AND the web services from source. However im now in the process of making a PCI-DSS compliant server LAMP server. I've just had the vulnerability scan report back and its failed due to the OpenSSL having vulnerabilities and it tells me I must upgraded to version higher 1.0.0d.
I've basically spent hours and hours trying to get this working along with research but I dont seem to be having much luck with this one
Im using a fresh install of CentOS and trying to create a RPM using the source code and rpmbuild, I read this was the best way I read, and this is my first time using rpmbuild.
Code:
yum -y install rpm-build make gcc gcc-c++ perl mlocate
cd /usr/src/
wget http://www.openssl.org/source/openssl-1.0.0d.tar.gz
updatedb
tar -zxf openssl-1.0.0d.tar.gz openssl.spec
[Code].....
I just installed ubuntu server 9.04. Now i wanna install GUI on that such as Xinit, and others, theni stuck because i wannna install it without connection (from source / offline).
View 4 Replies View RelatedQuote: Security expert Georgi Guninski has pointed out a security issue in the 1.0 branch of OpenSSL that potentially allows SSL servers to compromise clients. Apparently the hole can be exploited simply by sending a specially crafted certificate to the client, causing deallocated memory to be accessed in the ssl3_get_key_exchange function (in ssls3_clnt.c). While this usually only causes an application to crash, it can potentially also be exploited to execute injected code.
View 1 Replies View RelatedI asked on irc, and received a sad 'not unless the version in synaptics is with ssl'. Is it not possible to change this ? - or is the only way out to compile/build it yourself?
View 1 Replies View Relatedinstalled the fedora 12, but dont know how to use the source dvd to install the source package.
View 3 Replies View RelatedI have been the webmaster of a webpage for a few years and I have always installed Apache and PHP using the source code. The reason is that I wanted to use a recent version of them and I couldn't find it in the repositories.
Now, we are going to purchase a new server with Ubuntu (we were using Fedora in the previous one) and I don't know if install those packages using synaptic (much easier) or install them from scratch using the source code.
Synaptic is great, specially installing modules for PHP, but I am afraid of not having updated versions in a few months.
I'm trying to get an nginx/php-fpm/mysql stack setup on Ubuntu Server 10.04 LTS 32 bit version.
I have pretty much got everything going fine, except PHP extensions. For whatever reason when I compile php it is seeming to not compile any extensions with it ?
I am using the following configure flags:
Code:
./configure --prefix=/opt/php5 --with-config-file-path=/opt/php5/etc --with-curl --with-pear --with-gd --with-jpeg-dir --with-png-dir --with-zlib --with-mcrypt --with-mhash --with-mysql --with-mysqli --with-pdo-mysql --with-openssl --with-xmlrpc --with-xsl --with-bz2 --with-gettext --with-fpm-user=www-data --with-fpm-group=www-data --enable-fpm --enable-exif --enable-wddx --enable-zip --enable-bcmath --enable-calendar --code....
I am looking for an opensource-software that works with debian/ubuntu. I want to count rows from a couple of MySQL-tables on a server and that way keep statistics of changes in those tables. The tables should be read something like every night, and it shows how customers and subscriptions are changing. Today there is about 10 000 rows * a couple of tables, and it would be nice if it is presented in a webpage...
View 4 Replies View Relatedi already installed lucid and during installation i didn't change my location to Iran, now i can't see Iran's server in software sources. anybody has an idea how to add it to list? (i mean not to add it manually in "other software" tab)
View 2 Replies View RelatedI am mainly a Windows admin, but I do *NIX administration from time to time, for now I need to use an open source solution for backup windows environment mainly, I spent last days playing with bacula and backupPC, and I then chose backupPC, I built a solution with it seems working not bad, but before i go on deeper, I thought asking geeks here better, my main experience with back was with Vertias/Symantec Backup Exec, what do you recommend as most similar backup solution in Ubuntu offer a close level (I don't backup to tapes I back to hard disks), also a gui is preferred, while backupPC do a nice work and i handled its client config file (machine_name.pl), but I still do mistakes sometimes and troubleshooting is annoying, I have to backup files from users machines some of these files are running (like PST files), and I could need to backup a database or something from time to time. so whats your opinion all?
View 2 Replies View RelatedMy Firestarter logs show periodic outgoing connection attempts to IP addresses in countries such as Malaysia, China, Russian Federation etc... Fortunately, Firestarter appears to be blocking them. I suspect these are not good and want to find out exactly what process is initiating these outgoing connections.
View 6 Replies View RelatedI am trying to run the same command(s) on the many destination servers from my source server.source server user "report" ssh keys are added to all destination hosts.
hosts.cfg:
----------
gadikota_dev01
[code]....
in order to share profiles between a Mahara and a Moodle installation I need to get OpenSSL working.
I've got OpenSSL installed on the server and followed this tutorial. However, I still get an error message saying that either OpenSSL or PHPs support for OpenSSL are missing: Could not generate a new SSL key. Are you sure that both openssl and the PHP module for openssl are installed on this machine?
What would be the next steps to actually set up the Apache server and PHP so they can use OpenSSL? (I've already specified the path to my caconfig.cnf file in Maharas config.php)
Since I've installed opensuse 11.4 instead of 11.3, I cannot install .rpm packages nor execute updates. I get the following message: "There has been a (probably temporarily) when connecting to the software source/repository" (own translation) details: Media source [URL] does not contain the desired medium So, probably there is something wrong with my software sources. Could anyone give a suggestion to repair this since I'm not a linux expert and would like to install new software on my newly updated machine.
View 9 Replies View RelatedI am trying to install CentOS guest on CentOS 5.3 host. I have installed all the requirements for the same. As per documentation, only NETWORK install is supported if the guest is to be installed as paravirtalized.I copied the CentOS DVD in /home directory with folder name centos52 and exported it through NFS. When I run Virtual machine manager and give installation path as: nfs:<ip address of host>:/home/centos52 , the system while trying to create the storage fails and throws following error:Unable to complete install: 'Invalid install location: Mounting location nfs://<ip address of host>:/home/centos52 failed'
View 1 Replies View Relatedi have a encrypted file using .aes256. I'm trying to decrypt but it fails. This is the command i used
Quote: openssl enc -d -aes256 -in insurance.aes256 > /media/DATA/out.dec And here's the error:Quote: enter aes-256-cbc decryption password: bad decrypt13930:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:330:
I'm unable to compile ruby 1.9.X and I found out it was related to openssl, although it seems there's a patch available for ruby I don't know how to apply it so I was thinking on downgrading to openssl 0.9.8n
I'm using F13 btw, I'm still posting it here as openssl 1.0.0 was first introduced on F12, the other major distros are still using openssl 0.9.8k so there's no much information on the problem
I have a weird problem in which I try to use cryptodev in Openssl version 0.9.8g, but then if an error occurs or the system logs out, the version for Openssl rolls back to 0.9.8b.I have also tried reinstalling, but no dice. The version stays 0.9.8b. I am using Intel Tolapai with RedHat 5
View 1 Replies View RelatedI was upgrading openssl 0.7 to 0.9.81 in my redhat 9 server. I've followed the guideline from here: [url]
Now everything is messed up There's no libcrypto.so in /usr/local/ssl/lib directory. Only libcrypto.a. Neither in /usr/lib or /lib directory. I can't even run scp or wget to download rpm of openssl. Getting libcrypto.so error. I've use locate command to find libcrypto.so. There's none. I've run ./config, make, make test and make install command again in the openssl 0.9.81 source directory. But no luck. No libcrypto.so. This is a production server and the httpd went down.
I want to recompile Apache in order to be SNI supportive because I need to use ssl named based virtual host:
I referred to the following links:
[URL]
I installed the latest version of openssl which is now openssl-1.0.0 I ran the following commands:
./config enable-tlsext --prefix=/usr/local2 --openssldir=/usr/local2/openssl
make
make test
make install
then to recompile apache with new SNI support I ran the following:
./configure --enable-so --enable-ssl --enable-rewrite --enable-unique-id --with-ssl=/usr/local2/openssl
make
make install
After that when I start Apache: /usr/local/apache2/bin/apachectl -k start I get the following error:
SSLStrictSNIVHostCheck failed; OpenSSL is not built with support for TLS extensions and SNI indication. Refer to the documentation, and build a compatible version of OpenSSL.
i need to know more about openssl.In particular i'm having problems with some basic coammand-line stuff to do with signing and base64 encoding.You'll have to excuse me but i'm a security n00b. What is the command for signing some text file with a given private key and then after that base64 encoding the same file.Can this be done with a single command? what's wrong with:
Code:
openssl rsautl -sign -in textfile -inkey privatekey.pem enc -base64 -in textfile
or should that be:
Code:
openssl rsautl -sign -in textfile -inkey privatekey.pem | openssl enc -base64 -
I tried to compile C program that uses Openssl libraries on shell but got this error. I guess libraries are not linked properly.
undefined reference to SSL_library_init()
I am trying to get openssl to verify a certificate. I will walk you through what I have done so far.
1. openssl genrsa -des3 -out connect.mydomain.com.key 2048
2. openssl req -new -key connect.mydomain.com.key -out connect.mydomain.com.csr
3. Bought an SSL from GoDaddy.
4. Submitted my CSR
5. Downloaded sf_bundle.crt (CA File I presume)
6. Downloaded connect.mydomain.com.crt
Now I can do the following: [root@server tls]# openssl verify -CAfile sf_bundle.crt connect.mydomain.com.crt
connect.mydomain.com.crt: OK This is specifying the CAfile.
[Code]...
I am a new administrator and am running SLES 11 on a VM. I have openssl installed, but when I attempt to compile an add-on module to Nginx I get the following list of errors:
[Code]...
I've been googling around and have had a bit of a hard time trying to find help with this little issue. Managed to install CouchDB on the server at work after doing some fiddling due to not having spidermonkey availableAnyways, rt of this involved updating openssl.fter doing this however all hell broke loose.It seems a lot of programs needed the old version- I keep getting: error while loading shared libraries: libssl.so.0.9.8: cannot open shared object file: No such file or directory
I did a search:
>locate libssl.so.0.9.8
And it returned:
[code]...
I got an task assigned to me, i have to create new ssl key, csr & crt files using openssl. But the file name must be of this kind (*.aaa.xx.aa). When I tried the file name starting with * its not accepting the file name. But when I tried with the file name starting with . its getting generated.
View 1 Replies View RelatedI inherited a project that someone built in lampp, and I need create new SSL certs.
So I go to do so and it says that OpenSSL is not installed and to apt-get and install it.(Ubuntu by the way)
So before I did so, I wondered if it would cause any problems...since it was supposed to be part of the lampp stack.