How to downgrade OpenSSL on Amazon EC2

amazon ec2opensslyum

I'm using a version of the Amazon Linux AMI (v 2013.03) that comes with OpenSSL 1.0.1 installed as described here: http://aws.amazon.com/amazon-linux-ami/2013.03-release-notes/.

I have an application that may not be compatible with that version of OpenSSL, and I'd like to "downgrade" that to version to 0.9.8. I can install that version with the following:

sudo yum install openssl098e

But I am unable to uninstall the 1.0.1 version. When I try:

sudo yum erase openssl

I get a long list of what seems to be dependency processing and a result of:

Error: Trying to remove "yum", which is protected

Is there a way for me to remove the newer version of OpenSSL?

Best Answer

From this AWS forum post, which is about downgrading OpenSSL 1.0.2k to 1.0.1k, for compiling PHP to run in Lambda, you can pin the release version to an earlier version. All you need to do is figure out what release version you need.

sed -i 's;^releasever.*;releasever=2017.03;;' /etc/yum.conf \
    && yum clean all \
    && yum -y downgrade openssl-1.0.1k

Related Solutions

How to update AWS CLI tools on AWS Linux

sudo pip install --upgrade awscli

Libssl.so.0.9.8 on ec2

A quick search of the amzn repository on my server shows the following:

yum provides */openssl-devel
...
/usr/lib/libssl.so
...

and

repoquery --list openssl098e*
...
/usr/lib/libssl.so.0.9.8e
...

Both (openssl-devel and openssl098e) are from the amzn repository - traditionally, the devel package is used when compiling other packages against openSSL, but perhaps the other one will work for you.

Best Answer

Related Solutions

How to update AWS CLI tools on AWS Linux

Libssl.so.0.9.8 on ec2

Related Topic