Curl Update
Mrh (Diskussion | Beiträge) |
Mrh (Diskussion | Beiträge) |
||
Zeile 1: | Zeile 1: | ||
There's an issue when e.g. updating Joomla Plugins, curl cannot verify peer certificate because of an outdated CA Bundle. See here: https://github.com/joomla-extensions/weblinks/issues/79 | There's an issue when e.g. updating Joomla Plugins, curl cannot verify peer certificate because of an outdated CA Bundle. See here: https://github.com/joomla-extensions/weblinks/issues/79 | ||
− | To resolve and have an up-to-date CA-Certificate Bundle (and CURL library), it's necessary to update the Curl package. This can be done like this: | + | To resolve this and have an up-to-date CA-Certificate Bundle (and CURL library), it's necessary to update the Curl package. This can be done like this: |
== Prerequisites == | == Prerequisites == | ||
Zeile 12: | Zeile 12: | ||
== Update == | == Update == | ||
− | |||
Copy the following RPMS to the Sever: | Copy the following RPMS to the Sever: | ||
<pre> | <pre> | ||
Zeile 27: | Zeile 26: | ||
</pre> | </pre> | ||
+ | == Testen == | ||
+ | Zuerst in der aktuellen Sshell ebenfalls die Pfade für die Shared Libraries zu aktualisieren: | ||
+ | /sbin/ldconfig | ||
+ | |||
+ | Danach auf github verbinden (hat ein neues CA Zertifikat, welches nur im neuen ca-bundle enthalten ist): | ||
+ | curl https://github.com/ | ||
[[Category:ServerAdmin]] | [[Category:ServerAdmin]] |
Version vom 19. August 2015, 14:07 Uhr
There's an issue when e.g. updating Joomla Plugins, curl cannot verify peer certificate because of an outdated CA Bundle. See here: https://github.com/joomla-extensions/weblinks/issues/79
To resolve this and have an up-to-date CA-Certificate Bundle (and CURL library), it's necessary to update the Curl package. This can be done like this:
Prerequisites
OpenSSL Update must be done before as described here: http://syswiki.internet-license.net/index.php?title=Openssl_patch
Package "customopenssl" must be isntalled. Check with:
rpm -qa customopenssl
Update
Copy the following RPMS to the Sever:
scp libcurl4-7.44.0-1.1.x86_64.rpm tuxNN:/usr/local/src/rpm/openssl_upgrade scp curl-7.44.0-1.1.x86_64.rpm tuxNN:/usr/local/src/rpm/openssl_upgrade scp curl-ca-bundle-7.44.0-1.1.x86_64.rpm tuxNN:/usr/local/src/rpm/openssl_upgrade
(only updating the ca bundle would not help because current curl cannot cope with hashing algorithms within the new bundle)
Then update packages on the server:
cd /usr/local/src/rpm/openssl_upgrade rpm -Uvh libcurl4-7.44.0-1.1.x86_64.rpm curl-7.44.0-1.1.x86_64.rpm curl-ca-bundle-7.44.0-1.1.x86_64.rpm
Testen
Zuerst in der aktuellen Sshell ebenfalls die Pfade für die Shared Libraries zu aktualisieren:
/sbin/ldconfig
Danach auf github verbinden (hat ein neues CA Zertifikat, welches nur im neuen ca-bundle enthalten ist):
curl https://github.com/