| Author |
|
pjbalajimca@gmail.com
Joined: 16 Jun 2014
Posts: 4
Location: India
|
 Posted: Tue 01 Jul '14 11:10 Post subject: Apache 2.4.9 OpenSSL 1.0.1g, want to migrate to 1.0.1h |
 |
|
Currently I am using Apache 2.4.9 OpenSSL 1.0.1g (VC10), want to migrate openSSL 1.0.1h to resolve the vulnerability issue.
is there way to migrate openssl alone in my existing apache build ?
Thanks in advance.
Balaji P J |
|
| Back to top |
|
admin
Site Admin
Joined: 15 Oct 2005
Posts: 706
|
| Posted: Tue 01 Jul '14 11:18 Post subject: |
|
|
Try to copy the 1.0.1h openssl files over from your 1.0.1g installation:
In /bin : abs.exe, openssl.exe, ssleay32.dll and libeay32.dll
In /modules : mod_ssl.so |
|
| Back to top |
|
pjbalajimca@gmail.com
Joined: 16 Jun 2014
Posts: 4
Location: India
|
| Posted: Wed 02 Jul '14 7:44 Post subject: |
|
|
Hi Admin,
Thanks for your prompt response.
I will check in my setup as per your instruction and update you the status.
Thanks.
Balaji P J |
|
| Back to top |
|
chongster
Joined: 04 Jun 2014
Posts: 9
|
| Posted: Tue 05 Aug '14 18:28 Post subject: |
|
|
What else do I need to change? I replaced the the 1.0.1h openssl files
In /bin : abs.exe, openssl.exe, ssleay32.dll and libeay32.dll
In /modules : mod_ssl.so
but I couldn't start apache afterward. Please help. Thank you  |
|
| Back to top |
|
Steffen
Moderator
Joined: 15 Oct 2005
Posts: 3131
Location: Hilversum, NL, EU
|
| Posted: Tue 05 Aug '14 19:57 Post subject: |
|
|
What error do you get in the Apache error.log and/or Windows event viewer ?
Be sure you do not mix versions, VC11/10/9, Win32/64. |
|
| Back to top |
|
chongster
Joined: 04 Jun 2014
Posts: 9
|
| Posted: Wed 06 Aug '14 16:33 Post subject: |
|
|
| It was some header error with Strict-Transport-Security |
|
| Back to top |
|
Jan-E
Joined: 09 Mar 2012
Posts: 1283
Location: Amsterdam, NL, EU
|
| Posted: Wed 06 Aug '14 17:45 Post subject: |
|
|
| chongster wrote: | | It was some header error with Strict-Transport-Security |
What was the problem? I am trying to reach maximum SSL security without ruling out too many browsers [1] and am curious how upgrading OpenSLL from 1.0.1g to 1.0.1h could lead to errors. Or did you adjust your conf-files as well?
[1] https://www.ssllabs.com/ssltest/analyze.html?d=sessiondatabase.net&hideResults=on |
|
| Back to top |
|
chongster
Joined: 04 Jun 2014
Posts: 9
|
| Posted: Wed 06 Aug '14 23:53 Post subject: |
|
|
| Steffen wrote: |
Be sure you do not mix versions, VC11/10/9, Win32/64. |
Yup this was the main issue. I used the win32 instead win64 such an idiot ><
But yeah replacing those files work like a charm. Thanks Steffen!
I replicating the same result, on the apache2.4.10 with the same old configuration. I got this error.
Invalid command ‘header’ perhaps misspelled or defined by a module not included |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Thu 07 Aug '14 5:23 Post subject: |
|
|
| chongster wrote: |
Invalid command ‘header’ perhaps misspelled or defined by a module not included |
Is mod_headers loaded? |
|
| Back to top |
|
chongster
Joined: 04 Jun 2014
Posts: 9
|
| Posted: Mon 11 Aug '14 17:35 Post subject: |
|
|
sorry for the late reply.
The mod_header was not loaded. When it did the error I got is:
Syntax error on line 116 of C:/Apache2410/conf/httpd.conf: Cannot load modules/mod_headers.so into server: %1 is not a valid Win32 application. |
|
| Back to top |
|
