Forum OpenACS Q&A: Re: https is down

Collapse
20: Re: https is down (response to 1)
Posted by Jade Rubick on
On Debian, apparently it's not so easy to just upgrade to 0.9.7

You can't do it using apt-get, because 0.9.7 is on unstable and testing, and is compiled against gcc 3.x, etc..

So Debian users either have to compile it themselves, and lose the benefits of Debian package management, or continually restart their servers.

Ug.

Collapse
21: Re: https is down (response to 20)
Posted by Andrew Piskorski on
Actually, on Debian, it's not any harder than on, say, Solaris. :) Yes, so far I've always fallen back to installing from source, mostly because I already knew how to do it, and at least that way I could do it exactly (well, almost...) the same on Solaris, Debian, and Red Hat.

But in this case, the Right Way would be to build your own OpenSSL 0.9.7b binary package for Debian Stable. Probably using the same source package that's in testing now, you just need to rebuild with the older Stable tool chain.

Personally, I haven't gotten around to actually doing that sort of thing yet, but my understanding is it's not bad. At least, several people here do that sort of thing, and I've read (on the Beowulf mailing list, other places) that it's not unusual for admins of large clusters to choose to rebuild most of their binary packages from source packages as a matter of course.

For Debian though, I bet someone has already done it, and if you like can just add a line to your /etc/apt/sources.list and download their binary package.