How to determine if OpenSSL and mod ssl are installed on Apache2

Question

Does anyone know the command to determine if OpenSSL and mod ssl are installed on Apache2

User · Answer

Usually  when you compile your apache2 server  or install it by packages facility stuff   you can check any directive that re available to be used by tapping this command        which httpd  -L   grep SSL   on RHEL CentOS Fedora      which apache2  -L   grep SSL   on Ubuntu Debian   If you don t see any SSL  directive  it means that you don t have apache2 with mod ssl compiled    Hopes it helps

User · Answer

You should install this Apache mod  http   httpd apache org docs 2 0 mod mod info html  it basically gives you a run down of the mods you re using and the Apache settings  I have this enabled on my Apache and it gives me this info for my website    Server Version  Apache 2 2 3  Debian  mod jk 1 2 18 PHP 5 2 0-8 etch13 mod ssl 2 2 3 OpenSSL 0 9 8c mod perl 2 0 2 Perl v5 8 8

User · Answer

Use the following commands    openssl version OpenSSL 1 0 1e-fips 11 Feb 2013  or similar output   For RHEL CentOS Fedora    httpd -t -D DUMP MODULES   grep ssl ssl module  shared   For Ubuntu Debian   apache2 -t -D DUMP MODULES   grep ssl ssl module  shared   For SUSE   httpd2 -t -D DUMP MODULES   grep ssl ssl module  shared

User · Answer

To find the ssl version   Go to Apache bin folder in command prompt Enter these commands  openssl version

User · Answer

If you have PHP installed on your server  you can create a php file  let s called it phpinfo php and add this  lt  php echo phpinfo     gt   and open the file in your browser   this shows information about your system environment  to quickly find info about your Apache loaded modules  locate  Loaded Modules  on the resulting page

User · Answer

Create a test php file with the following code in a www folder    lt  php echo phpinfo     gt    When you navigate to that page URL in the browser  You will see something similar if you have openssl enabled

User · Answer

To determine openssl  amp  ssl module    rpm -qa   grep openssl openssl-libs-1 0 1e-42 el7 9 x86 64 openssl-1 0 1e-42 el7 9 x86 64 openssl098e-0 9 8e-29 el7 centos 2 x86 64 openssl-devel-1 0 1e-42 el7 9 x86 64   mod ssl    httpd -M   grep ssl   or    rpm -qa   grep ssl

User · Answer

Enable mod ssl in httpd conf and restart the apache  You will see the openssl information in error log as below   x000D   x000D   Fri Mar 23 15 13 38 448268 2018   mpm worker notice   pid 8891 tid 1  AH00292  Apache 2 4 29  Unix  OpenSSL 1 0 2n configured -- resuming normal operations x000D   Fri Mar 23 15 13 38 448502 2018   core notice   pid 8891 tid 1  AH00094  Command line    opt apps apache64 2 4 29 bin httpd  x000D   x000D   x000D

User · Answer

In my case this is how I got the information    find where apache logs are located  and go there  in my case   cd  var log apache2 find in which log openssl information can be found   grep -i apache  openssl   log  e g  error log     to get fresh information  restart apache  e g   rcapache2 restart   or service apache2 restart check for last entries in the log  e g    var log apache2   tail error log   Thu Jun 09 07 42 24 2016   notice  Apache      Linux      mod ssl 2 2 22 OpenSSL 1 0 1t

User · Answer

Using Apache 2  you can see what modules are currently loaded by the HTTP daemon by running the following command   apache2ctl -M   The -M option is really just a parameter passed to httpd      apache2ctl is a front end to the Apache HyperText Transfer Protocol    HTTP  server   It  is          designed to help the administrator control the functioning of the Apache apache2 daemon      NOTE  The default Debian configuration requires the environment variables APACHE RUN USER     APACHE RUN GROUP  and APACHE PID FILE to be set in  etc apache2 envvars      The apache2ctl script returns a 0 exit value on success  and  gt 0 if an error  occurs    For    more details  view the comments in the script

User · Answer

If you have PHP installed on your server  you can chek it in runtime using  extension loaded  funciontion  Just like this    lt  php if   extension loaded  openssl             no openssl extension loaded      gt

User · Answer

to verify in php command lie    php -i   grep openssl

User · Answer

Fortunately  Most flavors of Linux have OpenSSL  out of the box    To verify installation   openssl version Response  OpenSSL 1 0 1t  3 May 2016     Note  version OpenSSL 1 0 1 through 1 0 1f  inclusive  are vulnerable to the OpenSSL Heartbleed Bug  Versions 1 0 1g and greater are fixed    For additional install info   Ubuntu Debian dpkg -l   grep -i openssl Response  ii  libcrypt-openssl-random-perl  0 04-2 b1       amd64  module to access the OpenSSL pseudo-random number generator ii  libcurl3 amd64                 7 38 0-4 deb8u5 amd64  easy-to-use client-side URL transfer library  OpenSSL flavour  ii  libgnutls-openssl27 amd64      3 3 8-6 deb8u4  amd64  GNU TLS library - OpenSSL wrapper ii  openssl                        1 0 1t-1 deb8u6 amd64  Secure Sockets Layer toolkit - cryptographic utility ii  python-ndg-httpsclient         0 3 2-1         all    enhanced HTTPS support for httplib and urllib2 using PyOpenSSL ii  python-openssl                 0 14-1          all    Python 2 wrapper around the OpenSSL library ii  ssl-cert                       1 0 35          all    simple debconf wrapper for OpenSSL  Yea  OpenSSL is installed     To install OpenSSL if you don t have it  try   Debian Ubuntu  sudo apt-get install openssl  RedHat CentOS  yum install openssl

User · Answer

If you just run openssl in your terminal it should present the openSSL shell   My first clue to knowing that I didn t have mode ssl was when I got the following error after adding SSLEngine on in my virtualhost file   Invalid command  SSLEngine   perhaps misspelled or defined by a module not included in the server configuration   In centos I just had to install it via yum install mod ssl

User · Answer

Just look in the ssl engine log in your Apache log directory where you should find something like    ssl info   pid 5963 tid 139718276048640  AH01876  mod ssl 2 4 9 compiled against Server  Apache 2 4 9  Library  OpenSSL 1 0 1h

User · Answer

The default Apache install is configured to send this information on the Server header line   You can view this for any server using the curl command     curl --head http   localhost  HTTP 1 1 200 OK Date  Fri  04 Sep 2009 08 14 03 GMT Server  Apache 2 2 8  Unix  mod ssl 2 2 8 OpenSSL 0 9 8a DAV 2 PHP 5 2 6 SVN 1 5 4 proxy html 3 0 0

[ssl] How to determine if OpenSSL and mod_ssl are installed on Apache2

Examples related to ssl

Examples related to apache2