[openssl-users] database openssl
sampei02 at tiscali.it
sampei02 at tiscali.it
Sat Jun 2 05:39:35 UTC 2018
I think It’s installed 2 version OpenSSL; the former by rpm package while the latter by source tar infact I see following files into /usr/local/openssl-0.9.7e :
drwxr-xr-x 21 root root 4096 Feb 4 2005 .
drwxr-xr-x 19 root root 4096 Jan 20 2011 ..
drwxr-xr-x 4 root root 4096 May 31 11:51 apps
drwxr-xr-x 2 root root 4096 Oct 25 2004 bugs
drwxr-xr-x 3 root root 4096 Oct 25 2004 certs
-rw-rw-r-- 1 root root 287307 Oct 25 2004 CHANGES
-rw-rw-r-- 1 root root 42751 Dec 23 1998 CHANGES.SSLeay
-rw-rw-r-- 1 root root 27 Sep 30 2003 comms.txt
-rw-rw-r-- 1 root root 17 Sep 30 2003 comm.txt
-rwxrwxr-x 1 root root 23980 Jun 29 2004 config
-rwxrwxr-x 1 root root 83455 Oct 1 2004 Configure
drwxr-xr-x 46 root root 4096 Feb 4 2005 crypto
drwxr-xr-x 15 root root 4096 Oct 25 2004 demos
-rw-rw-r-- 1 root root 3058 Sep 30 2003 diffs.6
-rw-rw-r-- 1 root root 4930 Sep 30 2003 diffs.6e
-rw-rw-r-- 1 root root 6721 Sep 30 2003 diffs.6x
-rw-rw-r-- 1 root root 4868 Sep 30 2003 diffs.7
-rw-rw-r-- 1 root root 4948 Sep 30 2003 diffs.sec
-rw-rw-r-- 1 root root 1814 Sep 30 2003 diffs.sec6
-rw-rw-r-- 1 root root 1898 Sep 30 2003 diffs.sec6e
-rw-rw-r-- 1 root root 3627 Sep 30 2003 diffs.sec7
-rw-rw-r-- 1 root root 5080 Sep 30 2003 diffs.secfix
drwxr-xr-x 6 root root 4096 Oct 25 2004 doc
-rw-rw-r-- 1 root root 456 Sep 30 2003 do_patch.sh
-rw-rw-r-- 1 root root 9539 Oct 20 2004 e_os2.h
-rw-rw-r-- 1 root root 17254 May 14 2004 e_os.h
-rw-rw-r-- 1 root root 35375 Oct 25 2004 FAQ
drwxr-xr-x 9 root root 4096 Oct 25 2004 fips
drwxr-xr-x 3 root root 4096 Oct 25 2004 include
-rw-rw-r-- 1 root root 13301 May 11 2004 INSTALL
-rw-rw-r-- 1 root root 2757 May 27 2004 install.com
-rw-rw-r-- 1 root root 1527 Dec 4 2002 INSTALL.DJGPP
-rw-rw-r-- 1 root root 3264 Oct 1 2001 INSTALL.MacOS
-rw-rw-r-- 1 root root 744 Jul 17 2002 INSTALL.OS2
-rw-rw-r-- 1 root root 11363 Sep 7 2001 INSTALL.VMS
-rw-rw-r-- 1 root root 10134 May 11 2004 INSTALL.W32
-rw-rw-r-- 1 root root 2409 Dec 3 2002 INSTALL.WCE
-rw-rw-r-- 1 root root 6279 Mar 17 2004 LICENSE
drwxr-xr-x 3 root root 4096 Oct 25 2004 MacOS
-rw-r--r-- 1 root root 34102 Feb 4 2005 Makefile
-rw-r--r-- 1 root root 34081 Feb 4 2005 Makefile.bak
-rw-rw-r-- 1 root root 33715 Sep 28 2004 Makefile.org
-rwxrwxr-x 1 root root 26776 Aug 9 2004 makevms.com
drwxr-xr-x 2 root root 4096 Oct 25 2004 ms
-rw-rw-r-- 1 root root 13986 Oct 20 2004 NEWS
-rw-rw-r-- 1 root root 183560 Oct 25 2004 op
-rw-rw-r-- 1 root root 137 Feb 28 1999 openssl.doxy
-rw-rw-r-- 1 root root 7858 Oct 25 2004 openssl.spec
drwxr-xr-x 2 root root 4096 Oct 25 2004 os2
drwxr-xr-x 2 root root 4096 Oct 25 2004 perl
-rw-rw-r-- 1 root root 5424 May 11 2004 PROBLEMS
-rw-rw-r-- 1 root root 7910 Oct 25 2004 README
-rw-rw-r-- 1 root root 7699 Dec 8 2000 README.ASN1
-rw-rw-r-- 1 root root 16100 Jul 8 2002 README.ENGINE
drwxr-xr-x 2 root root 4096 Oct 25 2004 shlib
drwxr-xr-x 2 root root 4096 Oct 25 2004 ssl
drwxr-xr-x 2 root root 4096 May 31 11:39 test
drwxr-xr-x 5 root root 4096 Oct 25 2004 times
drwxr-xr-x 2 root root 4096 Feb 4 2005 tools
drwxr-xr-x 3 root root 4096 Oct 25 2004 util
drwxr-xr-x 2 root root 4096 Oct 25 2004 VMS
I can see Makefile, config, … which make to think to source files to compile.
If 2 ways have been used to install Openssl, what files .cnf I have to copy new system to keep every existing database?
I know system Administrators created come test certificates several times.
Here my cnf files list :
/usr/local/openssl-0.9.7e/apps/oid.cnf
/usr/local/openssl-0.9.7e/apps/oid.cnf
/usr/local/openssl-0.9.7e/apps/openssl.cnf
/usr/local/openssl-0.9.7e/apps/openssl.cnf
/usr/local/openssl-0.9.7e/apps/openssl-vms.cnf
/usr/local/openssl-0.9.7e/apps/openssl-vms.cnf
/usr/local/openssl-0.9.7e/crypto/conf/ssleay.cnf
/usr/local/openssl-0.9.7e/crypto/conf/ssleay.cnf
/usr/local/openssl-0.9.7e/test/CAss.cnf
/usr/local/openssl-0.9.7e/test/CAss.cnf
/usr/local/openssl-0.9.7e/test/CAssdh.cnf
/usr/local/openssl-0.9.7e/test/CAssdh.cnf
/usr/local/openssl-0.9.7e/test/CAssdsa.cnf
/usr/local/openssl-0.9.7e/test/CAssdsa.cnf
/usr/local/openssl-0.9.7e/test/CAssrsa.cnf
/usr/local/openssl-0.9.7e/test/CAssrsa.cnf
/usr/local/openssl-0.9.7e/test/Sssdsa.cnf
/usr/local/openssl-0.9.7e/test/Sssdsa.cnf
/usr/local/openssl-0.9.7e/test/Sssrsa.cnf
/usr/local/openssl-0.9.7e/test/Sssrsa.cnf
/usr/local/openssl-0.9.7e/test/test.cnf
/usr/local/openssl-0.9.7e/test/test.cnf
/usr/local/openssl-0.9.7e/test/Uss.cnf
/usr/local/openssl-0.9.7e/test/Uss.cnf
/usr/share/ssl/openssl.cnf
/usr/share/ssl/openssl.cnf
thanks
> On 31 May 2018, at 17:40, Jan Just Keijser <janjust at nikhef.nl> wrote:
>
> Hi,
>
> On 31/05/18 13:23, Sampei wrote:
>> Oh, It's a good starter point.
>> Openssl, installed in old server, is 0.9.7e version.
> smells like RHEL 3 ?!?!?!?
>> Openssl, installed in new server, is -0.9.8e verson.
> smells like RHEL 5, which is out of support; you should upgrade to RHEL or CentOS 6 (which lasts until 2020) or preferably 7
>> In old server I searched .cnf files and I found several files which are /usr/local/openssl-0.9.7e/xxx/yyyyy.cnf
>> where
>> xxx= is directory,
>> yyyy = name of .cnf file
>> I queried to /var/cache/yum/updates-released/packages/openssl-0.9.7a-33.10.i686.rpm in old server, I got:
>> /lib/libcrypto.so.0.9.7a
>> /lib/libssl.so.0.9.7a
>> /usr/bin/openssl
>> /usr/share/doc/openssl-0.9.7a
>> /usr/share/doc/openssl-0.9.7a/CHANGES
>> /usr/share/doc/openssl-0.9.7a/FAQ
>> /usr/share/doc/openssl-0.9.7a/INSTALL
>> /usr/share/doc/openssl-0.9.7a/LICENSE
>> /usr/share/doc/openssl-0.9.7a/NEWS
>> /usr/share/doc/openssl-0.9.7a/README
>> /usr/share/doc/openssl-0.9.7a/c-indentation.el
>> /usr/share/doc/openssl-0.9.7a/openssl.txt
>> /usr/share/doc/openssl-0.9.7a/openssl_button.gif
>> /usr/share/doc/openssl-0.9.7a/openssl_button.html
>> /usr/share/doc/openssl-0.9.7a/ssleay.txt
>> /usr/share/man/man1/asn1parse.1ssl.gz
>> /usr/share/man/man1/ca.1ssl.gz
>> /usr/share/man/man1/ciphers.1ssl.gz
>> /usr/share/man/man1/crl.1ssl.gz
>> /usr/share/man/man1/crl2pkcs7.1ssl.gz
>> /usr/share/man/man1/dgst.1ssl.gz
>> /usr/share/man/man1/dhparam.1ssl.gz
>> /usr/share/man/man1/dsa.1ssl.gz
>> /usr/share/man/man1/dsaparam.1ssl.gz
>> /usr/share/man/man1/enc.1ssl.gz
>> /usr/share/man/man1/gendsa.1ssl.gz
>> /usr/share/man/man1/genrsa.1ssl.gz
>> /usr/share/man/man1/md2.1ssl.gz
>> /usr/share/man/man1/md4.1ssl.gz
>> /usr/share/man/man1/md5.1ssl.gz
>> /usr/share/man/man1/mdc2.1ssl.gz
>> /usr/share/man/man1/nseq.1ssl.gz
>> /usr/share/man/man1/ocsp.1ssl.gz
>> /usr/share/man/man1/openssl.1ssl.gz
>> /usr/share/man/man1/pkcs12.1ssl.gz
>> /usr/share/man/man1/pkcs7.1ssl.gz
>> /usr/share/man/man1/pkcs8.1ssl.gz
>> /usr/share/man/man1/req.1ssl.gz
>> /usr/share/man/man1/ripemd160.1ssl.gz
>> /usr/share/man/man1/rsa.1ssl.gz
>> /usr/share/man/man1/rsautl.1ssl.gz
>> /usr/share/man/man1/s_client.1ssl.gz
>> /usr/share/man/man1/s_server.1ssl.gz
>> /usr/share/man/man1/sess_id.1ssl.gz
>> /usr/share/man/man1/sha.1ssl.gz
>> /usr/share/man/man1/sha1.1ssl.gz
>> /usr/share/man/man1/smime.1ssl.gz
>> /usr/share/man/man1/speed.1ssl.gz
>> /usr/share/man/man1/spkac.1ssl.gz
>> /usr/share/man/man1/sslpasswd.1ssl.gz
>> /usr/share/man/man1/sslrand.1ssl.gz
>> /usr/share/man/man1/verify.1ssl.gz
>> /usr/share/man/man1/version.1ssl.gz
>> /usr/share/man/man1/x509.1ssl.gz
>> /usr/share/man/man5/config.5ssl.gz
>> /usr/share/man/man7/DES.7ssl.gz
>> /usr/share/man/man7/Modes.7ssl.gz
>> /usr/share/man/man7/des_modes.7ssl.gz
>> /usr/share/man/man7/of.7ssl.gz
>
> ******
>> /usr/share/ssl
>> /usr/share/ssl/CA
>> /usr/share/ssl/CA/private
>> /usr/share/ssl/cert.pem
>> /usr/share/ssl/certs
>> /usr/share/ssl/certs/Makefile
>> /usr/share/ssl/certs/ca-bundle.crt
>> /usr/share/ssl/certs/make-dummy-cert
>> /usr/share/ssl/lib
>> /usr/share/ssl/misc
>> /usr/share/ssl/misc/CA
>> /usr/share/ssl/misc/c_hash
>> /usr/share/ssl/misc/c_info
>> /usr/share/ssl/misc/c_issuer
>> /usr/share/ssl/misc/c_name
>> /usr/share/ssl/openssl.cnf
>> /usr/share/ssl/private
> *******
> that's the location to look for the openssl.cnf file and thus the old files; simply do a
> find /usr/share/ssl -mtime -200
> to find any recent files - that should point you in the right direction.
>
>
> HTH,
>
> JJK
>
More information about the openssl-users
mailing list