I've got an Apache httpd server running on Amazon Linux 2. I've just
updated it to 2.4.66.
An SSLLabs scan tells me I don't have TLSv1.3 enabled. And a Google
search told me to add "+TLSv1.3" to the SSLProtocol line in ssl.conf.
When I tried that, the server crashed on takeoff. The same Google result
said I needed openssl 1.1.1 or later. When I did "openssl version," I
got "OpenSSL 1.0.2k-fips 26 Jan 2017," and after I did a yum update
openssl, I still got "OpenSSL 1.0.2k-fips 26 Jan 2017."
Amazon tells me that if I want openssl 1.1, I need to install it
separately. And when I did a Google search on how to switch httpd over
to a separately installed openssl 1.1, everything I got said "compile
from source."
How on Earth would I do that, without having any development tools on
the instance?
Can somebody point me to a path-of-least-resistance?
--
James H. H. Lampert
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
