Can I upgrade OpenSSL version used by apache without recompiling the server but just mod_ssl?

apache-2.2 openssl mod-ssl

Solution 1:

The mod_ssl.so library is dynamically linked to OpenSSL:

$ ldd mod_ssl.so | egrep 'lib(ssl|crypto)'
    libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f23f7209000)
    libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f23f6e26000)

As long as your upgrade of OpenSSL does not change the path to the library, all you need to do is upgrade OpenSSL, and then restart Apache so that the new OpenSSL library is loaded. The last time that OpenSSL changed the library paths was in 1.0.0, I believe, so if you are updating from 1.0.0 or later, it should be fine. If you are upgrading from an older version (e.g. 0.9.8), you will need to rebuild mod_ssl after rebuilding OpenSSL.

Solution 2:

I strongly suggest upgrading your distribution, both Apache 2.2 and OpenSSL 0.9 are VERY, VERY, VERY old and hardly supported any longer.

If that is not an option, you will need to install dev headers for your installed OpenSSL version and recompile mod_ssl against them. That is, if you are using Gentoo or other "do it yourself" kind of distro.

Else, just man up and upgrade. It is LONG overdue in your case.

Related

Ubuntu cp -p on mounted ZFS pool
Disk full on linux server, blocks used is much less then blocks avalable
Is there a command to get Apache to display its running config from memory?
In what use case is a RAID 1E preferable to a RAID 5 array on a 3 disk array?
How can one measure the breakdown of visitors that support TLS 1.2?
Phone rings, but no call, and no log entries in Asterisk
rsync unexplained error & received SIGINT, SIGTERM, or SIGHUP
Which Is a Good Starting Point For Beginner? Apache, Nginx or Cherokee?
RAID 5 detects write errors?
How to forward connection from one interface to another under linux
Status code in nginx try_files directive
Junos: find out each interface's ip