How to Fix Openssl BUG for Cpnginx

We have an update for Cpnginx with a new version 11.7 which have a fix for the openssl bug ?

What is Openssl Bug?

Recently Redhat upgraded openssl to version openssl-1.0.2k-23.el7_9.x86_64 , which breaks any apache or nginx servers or other services using the OCSP ssl sapling mechanism.

How to solve this issue?

You need to disable SSL OCSP sapling on your virtual hosts

Steps to Fix it in Cpnginx

Upgrade cpnginx and do the following steps from server shell

# wget -c https://syslintportal.com/downloads/cpnginx-11.7.tar.gz

# tar -xzf cpnginx-11.7.tar.gz

# cd cpnginx-11.7

# ./install.sh

Now disable OCSP sapling and rebuild vhosts

# touch /etc/cpnginx/disable_ocsp

# nginxctl build vhosts

# nginxctl restart

Soon after a patch from Redhat developers available for the openssl, you can simply remove /etc/cpnginx/disable_ocsp and rebuild vhosts to enable OCSP saplin

Do you need an expert to solve your server problems ? Are you looking for a long term support solution?.

How to Fix Openssl BUG for Cpnginx

What is Openssl Bug?

How to solve this issue?

Steps to Fix it in Cpnginx

# wget -c https://syslintportal.com/downloads/cpnginx-11.7.tar.gz

# tar -xzf cpnginx-11.7.tar.gz

# cd cpnginx-11.7

# ./install.sh

# touch /etc/cpnginx/disable_ocsp

# nginxctl build vhosts

# nginxctl restart

See Also:

Popular Category

Tags

About the author

Company

Hosting Support

Server Management

Services

Quick Links

Mailing Address

Syslint Technologies (India) Pvt. Ltd.

First Floor, Asiatic Business Centre

Trivandrum-695582, India

Quick Contact

PHONE : (+91) 944 760 7799

MAIL : pre[dot]sales[at]syslintportal.com

SKYPE : SyslintSkype