webSIGHTdesigns - Web Design, Web Development, Web Hosting

How to Upgrade OpenSSL on Ubuntu 13.04

Posted on Wednesday, April 9th, 2014 at 9:09 pm
by webSIGHTdesigns

This quick tutorial outlines how to upgrade openssl to the latest version on Ubuntu Server 13.04.

A massive security hole has left over two thirds of the Internet's web servers vulnerable to the "Heartbleed Bug" which was announced to the public today. Use the following tool to check if your server is vulnerable:

http://filippo.io/Heartbleed/

You can run the following Bash script to upgrade your instance of OpenSSL to the latest version which at the time of this writing is <code>1.0.1g</code>:

#!/bin/bash

###
# Need to upgrade an Ubuntu 13.04 server to use OpenSSL 1.0.1g?
# Read and execute this script :D
###
# License: WTFPL, GPLv3, MIT, whatever; just patch your shit
# http://askubuntu.com/questions/444702/how-to-patch-cve-2014-0160-in-openssl
###

if [[ $EUID -ne 0 ]]; then
	echo "This script must be run as root" 1>&2
	exit 1
fi
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz
wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz.asc

gpg --recv-key 0xD3577507FA40E9E2
# Dr Stephen Henson
# IMPORTANT! Manually verify that this is the correct key ID:
# http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xD3577507FA40E9E2
# https://www.openssl.org/about/

gpg --verify openssl-1.0.1g.tar.gz.asc openssl-1.0.1g.tar.gz

if [[ $? -eq 0 ]]; then
	tar xzvf openssl-1.0.1g.tar.gz
	cd openssl-1.0.1g && sudo ./config && sudo make && sudo make install
	# To link the old openssl library to a new version
	sudo ln -sf /usr/local/ssl/bin/openssl `which openssl`
	echo
	echo "DONE!"
fi

# eof

You can read more about the nature of the Heartbleed Bug at:

http://heartbleed.com/

Please Sign In

Please sign in to post a comment.

Web Development

View details »

Web Hosting

View details »

Our Portfolio

View portfolio »

WebSight Designs webSIGHTdesigns preferred email webSIGHTdesigns United States United States