The Apache Haus Forum

Forum Topics => Announcements => Topic started by: Gregg on January 11, 2017, 10:10:06 PM

Title: OpenSSL 1.0.1 has gone EOL
Post by: Gregg on January 11, 2017, 10:10:06 PM
OpenSSL 1.0.1 reached it's end of life at the end of 2016.

What this means to our 2.4.x VC11 users that utilize the OpenSSL 1.0.1 downgrades is you will have this luxury no more because Apache Haus will not compile and release "old dead version" of OpenSSL.  You should be ok with 1.0.1u for a while, but as soon as 1.0.2 gets a new release I would suspect the bug is also in 1.0.1. While this is not always the case, it is enough to remove confidence in 1.0.1u.

Your options are few. If you must run php 5.5 or 5.6, you will have to use mod_fcgid to run php 5.5/6 from now on. If you are ok with moving to PHP7, then just move to a VC14 Apache build as php7 uses OpenSSL 1.0.2 and the php module can be loaded.