Update OpenSSL on VPS

sierracircle · 2014-10-07 15:28:35 UTC

Does anyone know if it is possible to update OpenSSL on a VPS?

A site I am managing has failed PCI compliance, and the culprit seems to be a slightly outdated OpenSSL version.

I have root access, but it looks like the repositories it uses are Dreamhosts:

http://mirror.newdream.net/debian/

I could try adding additional repositories, but do not want to break anything, as I am not well versed in how Dreamhost has these VPS set up… Anyone with experience in this area?

Andrew_F · 2014-10-07 17:36:36 UTC

Contact DreamHost Support. We have experience in dealing with these issues and can help you get into compliance.

sierracircle · 2014-10-07 18:07:01 UTC

Great. That was my next step…waiting on the site-owners to send me their panel pw so I can get the ball rolling.

It looks like the OpenSSL version is 0.9.8o, and needs to be upgraded to to 0.9.8za

I will follow up on this post when I have it resolved in case anyone else is dealing with this.

sierracircle · 2014-10-09 02:26:12 UTC

I wanted to follow up on this and give the response I received from the DH:

I am having the site owner run a PCI scan again, and will follow up again once we get it to pass.

sierracircle · 2014-10-09 14:33:25 UTC

Okay///last follow up: The PCI scan was successful after the update that the DO-support made to libssl0.9.8

system · 2014-10-12 11:20:32 UTC

Congrats with the PCI scan. I know how it feels and it must be a nightmare for you creating screen shots that they’re requiring.