[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modssl
Subject:    Re: Specifying the openssl version used with mod_ssl
From:       "Gregg L. Smith" <lists () glewis ! com>
Date:       2010-09-13 17:48:13
Message-ID: 4C8E63DD.4000707 () glewis ! com
[Download RAW message or body]

Hello Gunner,

Have you tried
--enable-ssl --with-ssl=/path/to/just/compiled/openssl ?

Regards,

Gregg

Gunner Geller wrote:
>  Hello,
> 
>     We are using mac Leopard OS. We have rolled our own Apache(2.2.16)
> separate from the default install. We have also rolled our own OpenSSL to
> the latest version. However when we compile Apache and enable mod_ssl it
> still uses the old OpenSSL version. We can see it in our http headers:
> 
>  
> 
> Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7l
> 
>  
> 
> When typing "openssl version" from my account and the root account I get:
> 
> OpenSSL 1.0.0a 1 Jun 2010
> 
> I've seen this in some apache configs:
> 
> --enable-ssl --with-ssl=/usr/local/ssl
> 
> I've tried the above with no success. According to the output I get when
> configuring/making/installing apache it is finding openssl at the above
> directory. The problem is though that the http header stays the same.
> 
>  
> 
> The problem is we can't upgrade the default openssl version on the OS
> without apple providing the update. The outdated version is tripping our
> security scans. Like I said we rolled our owned updated version but cannot
> get apache/mod_ssl to use it. Any help is appreciated.
> 
> Thanks,
> 
>  
> 
> Gunner Geller
> 
> 

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majordomo@modssl.org
[prev in list] [next in list] [prev in thread] [next in thread]