On Mon, Mar 16, 2026 at 5:10 PM James H. H. Lampert via users < [email protected]> wrote:
> I've got an Apache httpd server running on Amazon Linux 2. I've just > updated it to 2.4.66. > > An SSLLabs scan tells me I don't have TLSv1.3 enabled. And a Google > search told me to add "+TLSv1.3" to the SSLProtocol line in ssl.conf. > > When I tried that, the server crashed on takeoff. The same Google result > said I needed openssl 1.1.1 or later. When I did "openssl version," I > got "OpenSSL 1.0.2k-fips 26 Jan 2017," and after I did a yum update > openssl, I still got "OpenSSL 1.0.2k-fips 26 Jan 2017." > > Amazon tells me that if I want openssl 1.1, I need to install it > separately. And when I did a Google search on how to switch httpd over > to a separately installed openssl 1.1, everything I got said "compile > from source." > > How on Earth would I do that, without having any development tools on > the instance? > > Can somebody point me to a path-of-least-resistance? > > -- > James H. H. Lampert > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > Installing openssl 1.1 and rebuilding httpd is likely the sanest approach here.
