Openssl 3.0.7 in Centos 7.9

Shawn Heisey openssl at
Sat Dec 17 22:43:20 UTC 2022

On 12/16/22 08:11, Ariel R. wrote:
> ln -s /usr/local/lib64/ /usr/lib64/
> ln -s /usr/local/lib64/ /usr/lib64/


> *#About the problem*
> In the console, if I run “openssl version“, I can see the version 
> installed is indeed 3.0.7, which is ok.
> The problem is that Apache is still referencing the old version:
> Server Version: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s

The symlinks you created put copies of the openssl 3 libraries into the 
general OS library path.

Apache wasn't compiled against openssl 3, though ... so it is going to 
be looking for a very different library files.

This is a generic CentOS 7 install on a VM:

[sheisey at centos7 ~]$ locate libssl
[sheisey at centos7 ~]$ cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)

The library filenames for the system openssl are very different than the 
library filenames for the 3.0.7 version you installed.

I don't think you can replace the system's 1.1.1s libraries with the 
3.0.7 version, I expect that would break things.  You will probably need 
to compile Apache yourself and have it use the openssl that you 
installed into /usr/local.

I installed mod_ssl on that vm and checked what library files it is 
looking for:

[sheisey at centos7 ~]$ ldd /usr/lib64/httpd/modules/ =>  (0x00007ffd0bda5000) => /lib64/ (0x00007f309ddd7000) => /lib64/ (0x00007f309d974000) => /lib64/ (0x00007f309d758000) => /lib64/ (0x00007f309d554000) => /lib64/ (0x00007f309d186000) => /lib64/ (0x00007f309cf39000) => /lib64/ (0x00007f309cc50000) => /lib64/ (0x00007f309ca4c000) => /lib64/ (0x00007f309c819000) => /lib64/ (0x00007f309c603000)
	/lib64/ (0x00007f309e280000) => /lib64/ (0x00007f309c3f3000) => /lib64/ (0x00007f309c1ef000) => /lib64/ (0x00007f309bfd5000) => /lib64/ (0x00007f309bdae000) => /lib64/ (0x00007f309bb4c000)

The openssl library filenames that it is looking for are 
and, so it would not pick up the openssl version 3 symlinks.

I'm curious how you ended up with 1.1.1s on CentOS 7.  My VM is up to 
date and it has 1.0.2k.


More information about the openssl-users mailing list