CentOS 5.x Apache OpenSSL

CentOS 5.11 – Have the latest OpenSSL 1.0.2 running on Apache 2.2.3

CentOS 5.x is old and EOL. But there are still lots of servers running this version.

I needed for a specific project to be able to run Apache + MOD_SSL on CentOS 5.x and enable TLS v1.2. Since I was not able to compile mod_ssl separately, I had to find another way.

Let’s start with Openssl-1.0.2a (you need to have compilers enabled and installed):

Compile Apache on CentOS 5.x in order to use a newer openssl version:

That’s it. You’re running the default Apache-2.2.3 version from CentOS 5.x but having the latest OpenSSL. Have fun!

17 thoughts on “CentOS 5.11 – Have the latest OpenSSL 1.0.2 running on Apache 2.2.3”

  1. Thanks for this – I’m seeing the same issue as Martin in that the BUILD directory is empty after the install of the src.rpm. There is a httpd-2.2.3.tar.gz in the SOURCES dir. I’ll extract that to BUILD and see what happens.

    1. Please check the post and follow the steps. It seems that I’ve missed some steps when writing the blog post. It should work since I just tried on a centos5 machine…

  2. This may help:

    In the second block on line 10: > needs to be > to redirect the output. I’m sure it;s just an HTML entitiy conversion issue with the post.

    On line 17 httpd.specific needs to be httpd.spec

    1. I have updated the post, I’ve probably badly copy/paste the apache src.rpm package version that it was supposed to be installed. Yes with that httpd-2.2.3-111.9.x86_64 you will get an error. The right package to install is this: httpd-2.2.3-92.el5.centos.src.rpm. You have to remove the old httpd package and install this new one I’ve provided. And it should work.

        1. I’ve updated the post accordingly. You need to install openssl-devel and openldap-devel. You can achive that by doing: yum -y install openssl-devel openldap-devel

  3. hi 898

    i follow all the step and it seems i didnt have any error but when i browse to https site

    i got this error

    curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

    [root@rms httpd-2.2.3]# curl –version
    curl 7.29.0 (i686-redhat-linux-gnu) libcurl/7.29.0 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 libssh2/1.4.3
    Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
    Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top