Want more timely Centmin Mod News Updates?
Become a Member

Security CentOS updating for OpenSSL 1.0.2 testing feedback please

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Jan 24, 2015.

  1. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5
    Same time as OpenSSL 1.0.1l release there's a OpenSSL 1.0.2 released too. Folks give it a test and see if it compiles fine for your Centmin Mod LEMP setups :)

    Change Log for OpenSSL 1.0.2

    OpenSSL 1.0.2 testing on Centmin Mod 1.2.3-eva2000.07 stable via manual update for Centmin Mod Nginx static OpenSSL compile part outlined here.

     
    • Like Like x 2
  2. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:48 PM
    1.11
    10.2
    Works fine on my LIVE Server :D
     
    • Like Like x 1
  3. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5
  4. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:48 PM
    1.11
    10.2
    CLOUDFLARE_PATCHSSL='y'
    Yes.
     
    • Like Like x 1
  5. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:48 PM
    1.11
    10.2
  6. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5
    Testing system OpenSSL 1.0.1e-30.el6_6.5 vs OpenSSL 1.0.2 static compiled into Centmin Mod Nginx
    Code:
    openssl speed ecdsap224 ecdsap256
    
    /svr-setup/openssl-1.0.2/.openssl/bin/openssl speed ecdsap224 ecdsap256
    Not sure if it makes much difference for most folks using SSL certificates with RSA 2048bit as it would only apply to ECC 256 bit (ECDSA) based SSL certificate usage ? SSL - ECC 256 bit vs RSA 2048 bit SSL | Centmin Mod Community

    My test site at sslspdy.com is using ECC 256 bit SSL certificate with ECDSA signature algorithm :)
     
    Last edited: Jan 24, 2015
  7. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:48 PM
    1.11
    10.2
    I will run this on Terminal?
    Code:
    /home/svr-setup/openssl-1.0.2/.openssl/bin/openssl speed ecdsap224 ecdsap256
     
  8. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5
    yup
     
  9. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:48 PM
    1.11
    10.2
    Sad thing I already clean it up :(
    # /home/svr-setup/openssl-1.0.2/.openssl/bin/openssl speed ecdsap224 ecdsap256
    -bash: /home/svr-setup/openssl-1.0.2/.openssl/bin/openssl: No such file or directory


    After I upgrade nginx :D
     
  10. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5
    haha, meant to keep them there as Centmin Mod uses ccache for compiler caching, should speed up reinstalls of same version source recompiled software by up to 60% faster than non-cached ccache normal source recompiles
     
  11. RoldanLT

    RoldanLT Well-Known Member

    3,830
    929
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,258
    Local Time:
    10:48 PM
    1.11
    10.2
    :D
    From now on, I will :D

    I also change my /svr-setup/ to /home/svr-setup/, that's fine?
     
  12. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5
    should be :)
     
  13. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:48 AM
    Nginx 1.13.x
    MariaDB 5.5