OpenSSL is an open-source implementation of the SSL and TLS protocols. The core library, written in the C programming language, implements the basic cryptographic functions and provides various utility functions.
74
votes
3answers
17k views
How do I recover from the Heartbleed bug in OpenSSL?
CVE-2014-0160 a.k.a. Heartbleed is a vulnerability in OpenSSL. It looks scary.
How do I determine whether I am affected?
If I'm affected, what do I need to do? Apparently upgrading isn't enough.
5
votes
2answers
5k views
Openssl upgraded via apt-get, `openssl version` showing previous version
I am running Debian Wheezy. I have just upgraded my system and should have the latest version of openssl (1.0.1g which fixes a critical bug), but it does not appear to be being used.
I have run:
...
7
votes
6answers
19k views
How do I upgrade OpenSSL?
According to these instructions:
http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
I need to use OpenSSL 0.9.8k or later (right now it's on 1.0.0c) to use name based virtual hosts in apache. ...
7
votes
2answers
776 views
RSA 2048 keypair generation: via openssl 0.5s via gpg 30s, why the difference?
RSA 2048 keypair generation: via openssl 0.5s via gpg 30s, why the difference
There are several programs which can gerate RSA public/private keypairs
GnuPG/OpenPGP for instance has a wizzard being ...
7
votes
0answers
3k views
OpenSSL Package Rebuild CentOS 6.4 [closed]
Rebuilding openssl with Elliptic Curves on CentOS 6.4
The strategy is:
1) Download the "official" CentOS source package (.src.rpm)
2) Modify the .spec file to enable elliptic curves. (change no-EC ...
7
votes
3answers
6k views
Safe way to pass password for >1 programs in bash
I'm writing a bash script, and need to ask user for his password and pass it to openssl. Whilst openssl can read the password itself, I need for two runs of the program and don't want to ask the user ...
6
votes
1answer
585 views
Are Debian- and RedHat-style repositories compromised by Heartbleed OpenSSL bug?
The Heartbleed exploit (CVE-2014-0160) makes SSL connections using OpenSSL vulnerable to private key leakage.
Does it mean that official update channels in RHEL/CentOS/etc. and Debian/Ubuntu shall be ...
2
votes
0answers
138 views
SSL Configurations for Intermediate certificate
I had implement a mutual certificate authentication and it worked successfully for following steps :
create root ca (self-signed)
create server certificate and sign it with ca private key
create ...
2
votes
2answers
3k views
Cannot Compile Apache: “Error, SSL/TLS libraries were missing or unusable”
Arch Linux 2011.08.19 (Linux 3.4.2 i686)
Apache 2.2.22 → 2.2.22 (recompile & reinstall)
OpenSSL 1.0.1.c-1
These details are likely irrelevant, but: I’m using yaourt with customizepkg to build ...
0
votes
1answer
121 views
upgrade OpenSSL from 0.9.8w to 1.0.0i or 1.0.1a on Linux server [duplicate]
I want to upgrade OpenSSL from 0.9.8w to 1.0.0I or 1.0.1a.
I am using
os.name Linux
os.version 2.6.18-164.9.1.el5
Any pointers or links would be very helpful.
Thanks in Advance.
