Hello Igor,
On 25 January 2018 at 15:22, Igor Cicimov <ig...@encompasscorporation.com> wrote: >> Upgrade to the *current* LTS release, which is Ubuntu Xenial. It ships >> OpenSSL 1.0.2. > > > For sure I don't have to update the whole distro to get the newest openssl > :-) You mean you expect to replace a system library from one major release to another, with incompatible ABI and API? No, that's not how it works. Fortunately OpenSSL 1.1.0 creates .so files with the ".so.1.1" file ending (as well as a symbolic link to it from ".so" files) , so the original ".so.1.0.0" files are not overwritten. Otherwise your system would be broken now. I suggested to upgrade to the current Ubuntu LTS because its the fastest and safest way to get OpenSSL 1.0.2, it wont break your system, you get security updates and you have to do it anyway sooner or later, as Trusty is EOL'ed next year. You don't have to; you can always compile OpenSSL statically locally, and use that to compile Haproxy (see README), or if the 1.1.0 headers are installed correctly, just compile Haproxy. But replacing a system library like that is something you need to be very careful with. Regards, Lukas