Upgrading OpenSSL on Debian 6 (squeeze) or Ubuntu 8.04 (hardy)

Posted on 29.03.2012 by mario

The Problem on the long term ubuntu 8.04 and the current stable debian is that they ship the old OpenSSL 0.9.8o With that I wasn’t able to compile the new apache 2.4.1 with all the SSL features I want. Downloading the OpenSSL source and just configure make make install didn’t help at all.

checking whether to enable mod_ssl... checking dependencies 
 checking for OpenSSL... checking for user-provided OpenSSL base directory... none 
 checking for OpenSSL version >= 0.9.7... FAILED 
 configure: WARNING: OpenSSL version is too old 
 no 
 checking whether to enable mod_ssl... configure: error: mod_ssl has been requested but can not be built due to prerequisite failures 
 mario@h2020668:~/apache24/httpd-2.4.1$ openssl version 
 OpenSSL 0.9.8o 01 Jun 2010

The only thing that helped was to use the unix config script plus the right prefix plus the shared option

wget http://openssl.org/source/openssl-1.0.1.tar.gz 
 tar xfz openssl-1.0.1.tar.gz 
 cd openssl-* 
 ./config --prefix=/usr zlib-dynamic --openssldir=/etc/ssl shared 
 make 
 sudo make install

Debian is very fine, but sometimes it sucks because of the lag of new software versions

11 thoughts on “Upgrading OpenSSL on Debian 6 (squeeze) or Ubuntu 8.04 (hardy)”

Schizophrenic Problem Child says:

11.04.2012 at 03:55

Nag them, this was why the huge push by Stefan to get 2.4 out, so it could make it into the shiny new Debian. They should keep it more up to date, especially since this will eventually be the better way to mitigate the BEAST.

Reply
T. J. Brumfield says:

26.06.2012 at 15:13

Debian has PHP 5.4 and Apache 2.4 in experimental, but not libapache2-mod-fcgid nor libapache2-mod-php so I can’t really test it. I’m not sure why upgraded several of the Apache modules, PHP and Apache itself, and not any way to use PHP with Apache 2.4.

Reply
mario says:

26.06.2012 at 22:58

I’ve made a post how to compile Apache 2.4 with mod_fcgid
http://mariobrandt.de/archives/apache/compling-apache-2-4-on-ubuntu-or-debian-519/

Reply
doug says:

05.07.2012 at 23:53

Now i have to recompile apache2.4.2… SIGH!

Reply
bala150985 says:

29.07.2012 at 14:41

Thanks man :-)

Reply
kautzy says:

19.04.2013 at 14:20

“apt-get install libssl-dev” should fix the “WARNING: OpenSSL version is too old” error – at least it did it in my case.

maybe it helps… :)

Reply
Jørgen Skoglund Hansen says:

11.04.2014 at 14:05

Thanks for this page.

I’ve just used it for the for the ‘heartbleed’ update.
Just changed the the source url before using the wget command.

Thanks!

Reply
pchero says:

23.05.2014 at 12:04

Thanks!!! :)

This is exactly what I needed!

Reply
Pingback: Upgrade openssl-1.0.1 on Debian 6
Chris Thompson says:

12.09.2014 at 07:23

Nice!
Used this to upgrade OpenSSL on Ubuntu 8.04 LTS from 0.9.8.g (last version available in apt) to 0.9.8za.
Needed to close this vulnerability to pass PCI scan: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0224

Thanks for the help!

Reply
Ryastum says:

11.09.2018 at 17:11

Thanks !
You save my day !

Reply

11 thoughts on “Upgrading OpenSSL on Debian 6 (squeeze) or Ubuntu 8.04 (hardy)”

Leave a Reply Cancel reply