Hi Fedor, Yes i did not move this file out. and i can see the output of ls -la /lib64/libcrypt.so.1
libcrypt.so -> ../../lib64/libcrypt.so.1 I complied openssl and it created this library files, engines libcrypto.a libssl.a pkgconfig So now should i move this libcrypt.a file to /usr/lib64 folder and rename this as .so ? Regards, Lokesh Jangir On Mon, Apr 14, 2014 at 4:31 PM, Fedor Indutny <fe...@indutny.com> wrote: > So, considering that it fails to start now. Could you please verify that > `ls -la /lib64/libcrypt.so.1` is still valid? > > Fedor. > > > On Mon, Apr 14, 2014 at 2:53 PM, LOKESH JANGIR <lk.jangi...@gmail.com>wrote: > >> Hi Rainer, >> >> Yes, apache was running with the old library, i have moved this out, and >> copied new libssl library from new openssl installation folder. But it is >> not working and now i am unable to start apache. >> >> Now what to do with this ? >> >> Regards, >> Lokesh Jangir >> >> >> On Mon, Apr 14, 2014 at 2:52 PM, Rainer M. Canavan < >> rainer.cana...@sevenval.com> wrote: >> >>> >>> On Apr 14, 2014, at 10:17 , LOKESH JANGIR <lk.jangi...@gmail.com> wrote: >>> >>> > Hi Team, >>> > >>> > I am using Ubuntu, Amazon ami with apache 2.0 and mod_ssl installed. I >>> found the same openssl vulnerability issue with my ssl certificate. I have >>> installed new openssl bugfixed version 1.0.1g and create csr and key file >>> from this. Also i have installed this on the server. I have restarted >>> apache service and server many times after installation. >>> > >>> > But still it is showing my website vulnerable. Can you please guide me >>> what am i missing now ? >>> >>> did you use "apachectl restart", or "apachectl stop" + "apachectl >>> start"? If you did >>> the former, the process may still be running with the old, deleted >>> library. Try >>> >>> sudo lsof -n | grep libssl | grep DEL >>> >>> to see if that is still the case. >>> >>> >>> >>> rainer______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> Development Mailing List openssl-dev@openssl.org >>> Automated List Manager majord...@openssl.org >>> >> >> >
