Hi,
Friends,
Good Morning to all. I have some queries about openssl. I googled for by query but i did not got the relevant answer, hence I came here and i am guaranteed that you gyes will help me definitely as you helped me before as well.
My scenario is I had one centOS 6 server which had openssl version as
Code:
rpm -qa|grep openssl
openssl-1.0.1e-30.el6_6.5.x86_64
openssl-devel-1.0.1e-30.el6_6.5.x86_64
CentOS 6 provides php5.3 as default
Code:
yum list php
Loaded plugins: downloadonly, fastestmirror, presto
Determining fastest mirrors
base | 3.7 kB 00:00
epel | 4.4 kB 00:00
epel/primary_db | 6.4 MB 00:00
extras | 3.4 kB 00:00
panopta | 951 B 00:00
updates | 3.4 kB 00:00
updates/primary_db | 2.1 MB 00:00
Available Packages
php.x86_64 5.3.3-40.el6_6 updates
But I need php5.2, so i preferd to go compilation. It gave me some errors while doing make regarding openssl. I googled for it, gave solution of downgrading openssl.
As default openssl can't be removed, I prefered installing openssl-0.9.x through compilation with --prefix option. After doing I was able to compile php-5.2 successfully.
Now in my server there are followings installed.
Code:
[next02admin@NEXT02VMD02 ~]$ /usr/bin/openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013 (the default one)
[next02admin@NEXT02VMD02 ~]$ /usr/local/bin/openssl version
OpenSSL 0.9.8e 23 Feb 2007 (the compiled one)
[next02admin@NEXT02VMD02 ~]$ php -v
PHP 5.2.10 (cli) (built: Jul 1 2014 00:39:27)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
[next02admin@NEXT02VMD02 ~]$ rpm -qa|grep httpd
httpd-tools-2.2.15-39.el6.centos.x86_64
httpd-2.2.15-39.el6.centos.x86_64
httpd-devel-2.2.15-39.el6.centos.x86_64
Now My question is,
1) Is it safe to use both openssl versions simultaneously.
2) Will it cause any vulnerability on my site (prod ENV), if it will affect to prod env, then to what extend.
Your replies will be very very appreciable. I will be very thankful to you.
Regards,
SSR
