Look at the first entry in the error log when you restart Apache. It should show the version of OpenSSL and whether it started properly.
John ======================================== On Wednesday 06 May 2015 12:17:48 Daryl Rose wrote: > Do to security vulnerabilities with OpenSSL, I've had to recompile > Apache 2.4.12 with OpenSSL version 1.0.1.m. The team that controls the > web servers doesn't want me to install into the same installation > directory, but rather into a separate directory. They then copy config > files and whatever they need into the new installation and then start > Apache from there. I compiled from source on a separate server, then > created a tarball which I dropped onto the actual web servers. The > first time that I did this, I did a "curl --head http://localhost"; to > verify the OpenSSL version. I got back that the OpenSSL version was > still 1.0.1j. So, I recompiled, verified on the server that I used to > compile on and verified that OpenSSL 1.0.1m was what was compiled into > Apache. I then tarballed everything up, copied it over to the web > servers, dropped into place and turned over to the internet team. I > was just informed that OpenSSL is still pointed to 1.0.1j. The only > thing that I can think of is that the internet team must have something > in a config file somewhere that is actually calling OpenSSL 1.0.1j. > Can that be possible? Other than doing a "curl --head > http://localhost";, how can I tell what version of OpenSSL is being > used? Thanks > Daryl --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
