OpenSSL

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL

rajesh_seetharam

Dear Team

 

 

 

We have installed httpd-2.2.25-win32-x86-openssl-0.9.8y apache web server which has openssl .9.8y as a part of the package, we ran the vulnerability scan for the same

 

 

 

The system admin team has suggested to upgrade openssl 0.9.8zb, how do we go about it?

 

 

 

We have used openssl to generate the server key and csr for ssl certificate installation and the ssl certificate certificate has been successfully installed.

 

 

 

After upgrading to the openssl 0.9.8zb, should we regenerate the server key and csr and reinstall the ssl certificate.

 

 

 

What is the advantage of using openssl 0.9.8zb over openssl-0.9.8y

 

 

 

Regards

 

Rajesh




******* DISCLAIMER: This email and any files transmitted with it are privileged and confidential information and intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Torry Harris Business Solutions has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail. The recipient should check this email and any attachments for the presence of viruses. THBS reserves the right to monitor and review the content of all messages sent to or from this e-mail address********
******* DISCLAIMER: This email and any files transmitted with it are privileged and confidential information and intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Further, you are not to copy, disclose, or distribute this e-mail or its contents to any other person and any such actions are unlawful. This e-mail may contain viruses. Torry Harris Business Solutions has taken every reasonable precaution to minimize this risk, but is not liable for any damage you may sustain as a result of any virus in this e-mail.  The recipient should check this email and any attachments for the presence of viruses. THBS reserves the right to monitor and review the content of all messages sent to or from this e-mail address.********

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL

Salz, Rich
You should not run 0.9.8, any version.  It is old, has known security bugs, and is end of life.
Go to the website, click on download, and get a recent version.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev