Skip to content

Instantly share code, notes, and snippets.

@suprememoocow

suprememoocow/install.sh

Created April 7, 2014 22:33
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save suprememoocow/10069403 to your computer and use it in GitHub Desktop.
Save suprememoocow/10069403 to your computer and use it in GitHub Desktop.
Download ZIP
Update OpenSSL to 1.0.1g using Ansible
Raw
install.sh
#!/bin/bash
# roles/openssl/files/install.sh
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz -O /tmp/openssl-1.0.1g.tar.gz
cd /tmp
tar -xvzf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./config --prefix=/usr \
--openssldir=/etc/ssl \
--libdir=lib \
shared \
zlib-dynamic
make install
make clean
cd ..
rm -rf openssl-1.0.1g.tar.gz openssl-1.0.1g/
Raw
main.yml
# roles/openssl/tasks/main.yml
---
- name: check openssl version
shell: "openssl version"
ignore_errors: yes
register: openssl_version_query
tags: openssl
- script: install.sh
when: openssl_version_query.stdout.find('1.0.1g') == -1
tags: openssl
@rgbkrk
Copy link

rgbkrk commented Apr 8, 2014

You'll want to make sure you don't have any systems that currently have the old version of OpenSSL running too.

Use lsof -n | grep ssl | grep DEL to find them and restart those services.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment