Openssl 1.0.1g integration posible ?

SUSE Product Topics SLES Updates
1

Good Day,

we would remove OpenSSL 0.9.8j and use Openssl 1.0.1g.
Is there any Way to do this.
Actually we use Sles 11 SP3

Thanks for your Help

2

On 20/10/2014 15:34, Isegrim wrote:
[color=blue]

we would remove OpenSSL 0.9.8j and use Openssl 1.0.1g.
Is there any Way to do this.
Actually we use Sles 11 SP3[/color]

If you’re using SLES11 SP3 then you’re in luck as SUSE recently
announced the SLE11 Security Module which adds OpenSSL 1.0.1g. See
https://www.suse.com/communities/conversations/introducing-the-suse-linux-enterprise-11-security-module/
for more information.

HTH.

Simon
SUSE Knowledge Partner

If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.

3

While I understand OpenSSL is used in a lot of products, I’m going to
ask about Apache here.

Going this Security Module route for stronger crypto libraries available
in Apache (vs. NSS) would require rebuilding mod_ssl, correct?

But even then, getting all the way to Forward Secrecy with TLS 1.2
wouldn’t be possible because Apache 2.2.12 doesn’t support the ECDHE
suites.

Am I off base here?

On 10/20/2014 10:34 AM, Simon Flood wrote:[color=blue]

On 20/10/2014 15:34, Isegrim wrote:
[color=green]

we would remove OpenSSL 0.9.8j and use Openssl 1.0.1g.
Is there any Way to do this.
Actually we use Sles 11 SP3[/color]

If you’re using SLES11 SP3 then you’re in luck as SUSE recently
announced the SLE11 Security Module which adds OpenSSL 1.0.1g. See
https://www.suse.com/communities/conversations/introducing-the-suse-linux-enterprise-11-security-module/
for more information.

HTH.[/color]

4

In our project we are currently using openssl 1.01c in SLED 12 but I need to update it to openssl 1.01e how can update it?I tried using yast but I cant uninstall openssl since there are dependencies.?

5

Hi alagirib92,

openssl libraries are an elementary component of modern Linux-based systems… so you may be opening a bag of worms when upgrading. Nevertheless a few related comments:

  • this is a SLES forum - you might re-post in the SLED forums.

  • if you have the proper upgrade package, there’s no need to uninstall - you can simply update the RPM

  • have you checked if the specific fixes you’re looking for are already back-ported by SUSE? The version numbers not necessarily reflect the upstream version of a package.

If you have a specific business need and the provided packets aren’t available (yet), you might want to contact your SUSE representative (or open a SR) to ask for an according enhancement.

Regards,
Jens