Hello again! That depends on your setup. I'd suppose that OpenSSL's default installer should create symlinks itself. If it did and they doesn't match the previous location - you could try creating a new one: `ln -s /path/to/new/libcrypto.so.1 /lib64/libcrypt.so.1`
Cheers, Fedor. On Mon, Apr 14, 2014 at 3:13 PM, LOKESH JANGIR <lk.jangi...@gmail.com>wrote: > Hi Fedor, > > Yes i did not move this file out. and i can see the output of ls -la > /lib64/libcrypt.so.1 > > libcrypt.so -> ../../lib64/libcrypt.so.1 > > > I complied openssl and it created this library files, > engines libcrypto.a libssl.a pkgconfig > > So now should i move this libcrypt.a file to /usr/lib64 folder and rename > this as .so ? > > Regards, > Lokesh Jangir > > > On Mon, Apr 14, 2014 at 4:31 PM, Fedor Indutny <fe...@indutny.com> wrote: > >> So, considering that it fails to start now. Could you please verify that >> `ls -la /lib64/libcrypt.so.1` is still valid? >> >> Fedor. >> >> >> On Mon, Apr 14, 2014 at 2:53 PM, LOKESH JANGIR <lk.jangi...@gmail.com>wrote: >> >>> Hi Rainer, >>> >>> Yes, apache was running with the old library, i have moved this out, and >>> copied new libssl library from new openssl installation folder. But it is >>> not working and now i am unable to start apache. >>> >>> Now what to do with this ? >>> >>> Regards, >>> Lokesh Jangir >>> >>> >>> On Mon, Apr 14, 2014 at 2:52 PM, Rainer M. Canavan < >>> rainer.cana...@sevenval.com> wrote: >>> >>>> >>>> On Apr 14, 2014, at 10:17 , LOKESH JANGIR <lk.jangi...@gmail.com> >>>> wrote: >>>> >>>> > Hi Team, >>>> > >>>> > I am using Ubuntu, Amazon ami with apache 2.0 and mod_ssl installed. >>>> I found the same openssl vulnerability issue with my ssl certificate. I >>>> have installed new openssl bugfixed version 1.0.1g and create csr and key >>>> file from this. Also i have installed this on the server. I have restarted >>>> apache service and server many times after installation. >>>> > >>>> > But still it is showing my website vulnerable. Can you please guide >>>> me what am i missing now ? >>>> >>>> did you use "apachectl restart", or "apachectl stop" + "apachectl >>>> start"? If you did >>>> the former, the process may still be running with the old, deleted >>>> library. Try >>>> >>>> sudo lsof -n | grep libssl | grep DEL >>>> >>>> to see if that is still the case. >>>> >>>> >>>> >>>> rainer______________________________________________________________________ >>>> OpenSSL Project http://www.openssl.org >>>> Development Mailing List openssl-dev@openssl.org >>>> Automated List Manager majord...@openssl.org >>>> >>> >>> >> >
