I have an Apache server on a Unix machine:
Apache/2.2.29 (Unix) OpenSSL/0.9.8zg
I would like to upgrade the OpenSSL version to 1.0.2, which is the version currently installed on my system:
machine:/ user$ openssl version
OpenSSL 1.0.2d 9 Jul 2015
Can I do that without recompiling the whole server? Do I have to recompile mod_ssl
only as it is loaded inside httpd.conf
with LoadModule
?:
LoadModule ssl_module modules/mod_ssl.so
How can I do that?
Best Answer
The
mod_ssl.so
library is dynamically linked to OpenSSL:As long as your upgrade of OpenSSL does not change the path to the library, all you need to do is upgrade OpenSSL, and then restart Apache so that the new OpenSSL library is loaded. The last time that OpenSSL changed the library paths was in 1.0.0, I believe, so if you are updating from 1.0.0 or later, it should be fine. If you are upgrading from an older version (e.g. 0.9.8), you will need to rebuild mod_ssl after rebuilding OpenSSL.