# Based on http://fearby.com/article/update-openssl-on-a-digital-ocean-vm/
$ sudo apt-get update
$ sudo apt-get dist-upgrade
$ wget ftp://ftp.openssl.org/source/openssl-1.0.2h.tar.gz
$ tar -xvzf openssl-1.0.2h.tar.gz
$ cd openssl-1.0.2h
$ ./config --prefix=/usr/
$ make depend
$ sudo make install
$ openssl version
# OpenSSL 1.0.2h 3 May 2016
# now restart your nginx or other server
$ sudo service nginx restart
# check your website here https://www.ssllabs.com/ssltest/
Do _NOT_ use this as a "fix" for CVE-2016-2107!
Just upgrade your OpenSSL to
Using an _UNSECURED_ FTP method for downloading the source _WITHOUT VERIFYING_ the SHA256 hash or PGP signature is stupid enough; manually compiling and installing such system libraries is not a very good way of making sure your system is up-to-date in the future!
Oh and by the way: yes, also for 14.04 (Trusty) OpenSSL version
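An added example, not part of the gist or of any commenter's post: a fail-closed download helper that addresses the objection raised in the comment above (plain FTP, no SHA256 check). The function names are hypothetical, and the URL and expected digest in the usage comment are placeholders; the digest has to come from a channel you trust independently of the download itself.

```shell
#!/bin/sh
# Added example: refuse to keep a source tarball unless its SHA-256 matches.

# Print the SHA-256 hex digest of a file with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | awk '{print $1}'
    else
        echo "no SHA-256 tool found" >&2; return 2
    fi
}

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on unusable input.
verify_sha256() {
    local file=$1 expected actual
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # An empty or truncated digest (bad paste, HTML error page) must never "match".
    case $expected in
        ''|*[!0-9a-f]*) echo "expected digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected digest is not 64 hex digits" >&2; return 2; }
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $file: expected $expected, got $actual" >&2
        return 1
    fi
}

# fetch_and_verify URL EXPECTED_HEX OUTFILE
# HTTPS only (redirects included); the file is deleted on mismatch so a
# later "tar -xzf" can never run on an unverified tarball.
fetch_and_verify() {
    local url=$1 expected=$2 out=$3
    case $url in
        https://*) ;;
        *) echo "refusing non-HTTPS URL: $url" >&2; return 2 ;;
    esac
    curl --fail --silent --show-error --location \
         --proto '=https' --proto-redir '=https' -o "$out" "$url" || return 2
    verify_sha256 "$out" "$expected" || { rm -f "$out"; return 1; }
}

# Usage (placeholders, not real values):
#   fetch_and_verify "https://<host>/<tarball>.tar.gz" "<published SHA-256>" src.tar.gz \
#       && tar -xzf src.tar.gz
```

A checksum fetched from the same server as the tarball only detects corruption; verifying the release's PGP signature against a key obtained separately is the stronger check the comment refers to.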
I'm running SmartOS on a Joyent server and the SSL Labs verification still fails persistently.
I have the following OpenSSL version on my server
After upgrading OpenSSL to 1.1.0, I restarted the running instance of the server.
I did the following steps to update OpenSSL
Does anybody know what the problem might be now?
I'm trying to update a server and I am still getting a failure for the vulnerability.
apt-cache policy openssl:
sudo apt-get install --only-upgrade libssl1.0.0 openssl
Still getting an F at https://www.ssllabs.com/