• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Update curl and OpenSSL modules

Roman

New Pleskian
Hello,
We have php 7.1 set up for our project. There are 2 modules curl 7.19.7 and OpenSSL 1.0.1e-fips. We need to update this modules to the latest version.
curl 7.19.7 -> 7.52.1
OpenSSL 1.0.1e -> 1.1.0 or 1.0.2

Plesk Onyx v17.0.17_build1700161028.14 os_CentOS 6
CentOS 6.4 (Final)
Could you please tell me how it can be done or provide some instructions?
 
Hi,

you can use the repo from city-fan.

[root@~]# cat /etc/redhat-release
CentOS release 6.8 (Final)

[root@ ~]# cat /root/.autoinstaller/microupdates.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<patches>
<product id="plesk" version="17.0.17" installed-at="20170125T075825">
<patch version="13" timestamp="1481622003" installed-at="20170125T075830" />
</product>
</patches>


We have it in use on 69 server:

[root@~]# yum list installed | grep city-fan
c-ares.x86_64 1.12.0-1.0.cf.rhel6 @city-fan.org
curl.x86_64 7.52.1-1.0.cf.rhel6 @city-fan.org
libcurl.x86_64 7.52.1-1.0.cf.rhel6 @city-fan.org
libcurl-devel.x86_64 7.52.1-1.0.cf.rhel6 @city-fan.org
libssh2.x86_64 1.8.0-1.0.cf.rhel6 @city-fan.org
libssh2-devel.x86_64 1.8.0-1.0.cf.rhel6 @city-fan.org

################
# repo download
rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/city-fan.org-release-1-13.rhel6.noarch.rpm

# only update curl
yum install curl

# repo remove
rpm -e city-fan.org-release-1-13.rhel6.noarch
 
Erik, after performing your steps, I still see OpenSSL/1.0.1e when running openssl -version. :confused:

Is there something else to do to apply these updates? I need a newer OpenSSL version to use CURL + HTTP/2. Thank you!
 

Attachments

  • repos.png
    repos.png
    23.7 KB · Views: 5
After running the upgrades did you reboot the system?

Now I did, and the version is still the same:
Code:
[root@server1 ~]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

[root@server1 ~]# curl -V
curl 7.54.1 (x86_64-redhat-linux-gnu) libcurl/7.54.1 OpenSSL/1.0.1e zlib/1.2.3 c-ares/1.13.0 libssh2/1.8.0 nghttp2/1.6.0
Release-Date: 2017-06-14
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz HTTP2 UnixSockets HTTPS-proxy Metalink


CURL persists in making HTTP 1.1 requests, that's why I want to update openssl to see if the problem is solved. It seems it does send proper HTTP 2 from the command line though, as seen in the console output:
Code:
[root@server1 ~]# curl --http2 -I https://nghttp2.org/
HTTP/2 200
date: Thu, 03 Aug 2017 19:56:43 GMT
content-type: text/html
last-modified: Sun, 02 Jul 2017 08:58:08 GMT
etag: "5958b5a0-19e1"
accept-ranges: bytes
content-length: 6625
x-backend-header-rtt: 0.001618
strict-transport-security: max-age=31536000
server: nghttpx
via: 2 nghttpx
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
 
Back
Top