Note: The version number is not included in the instructions below. You should check the openssl.org website for the latest version number.

1. Login as root and enter these commands:
2. cd /usr/local/src at shell prompt.
3. rm -rf openssl*
4. wget http://www.openssl.org/source/openssl-VERSION.tar.gz Notice: VERSION is the latest version number that must be changed here. Visit the openssl.org website for the latest version number.
5. tar -zxvf openssl*gz
6. cd openssl*
7. ./config
8. make
make could take awhile
9. make install
install could also take awhile

When it's done installing, do
openssl version
and make sure that your output is equal to the latest version number on the openssl.org website. If not then something went wrong either during compile or install. Check your log files or contact support and log a support ticket on the site.

Now we need to restart Apache and make sure that mod_ssl is using the latest version.
Do
/usr/local/apache/bin/apachectl stop
then
/usr/local/apache/bin/apachectl startssl.

Check to make sure your SSL on Apache is working.

::Added::
Now we need to add OpenSSL to the exclude list in yum.conf so that it doesn't get overwritten by the OS update during the nightly cPanel update:
1. Do
cd /etc

2. We need to edit yum.conf, do
pico yum.conf
or use your fav editor.

3. Change the "exclude=" line so that it has openssl* at the end. Don't forget there needs to be a space between each option on that line and include that asterik (*) on the end as well.

4. Save and exit the editor, hit Ctrl-X and Y for pico users.

And that's it, OpenSSL is now upgraded.

Add to Favourites
Print this Article