SSL Version and Open SSL version are different in ubuntu 14.04 with php version 5.6

Question

I see the different versions on running this terminal

echo '<?php phpinfo(); ?>' | php 2>&1 |grep -i ssl

Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv2, tls, tlsv1.0, tlsv1.1, tlsv1.2
SSL => Yes
SSL Version => OpenSSL/1.0.1f
core SSL => supported
extended SSL => supported
openssl
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.1.0g  2 Nov 2017
OpenSSL Header Version => OpenSSL 1.1.0g  2 Nov 2017
Openssl default config => /usr/lib/ssl/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value
Native OpenSSL support => enabled

Thanks for looking into this I have pasted it here https://pastebin.com/4F6HTjGr — venu Bondugula, Dec 28 '17 at 07:31
Please add this information to the question itself, not to an external site where the information might be eventually lost. — Tero Kilkanen, Dec 28 '17 at 07:42

score 0 · Accepted Answer · answered Dec 28 '17 at 07:46

0

You are seeing the versions of two different pieces of PHP.

The first output is for the curl module. PHP's curl interface uses the curl library provided by the OS, which then uses the OpenSSL library it is linked against, in this case 1.0.1f.

Then, PHP has a direct OpenSSL interface, which is linked against version 1.1.0g.

If you want curl to use a newer OpenSSL version, you need to upgrade your curl library, and make sure PHP's curl module uses the newer library.

answered Dec 28 '17 at 07:46

Tero Kilkanen

34,499
3
38
58

Ok understood. I want to my PHP to use OpenSSL of version 1.0.1f, what should I do for that? – venu Bondugula Dec 28 '17 at 13:48
The actual issue I'm facing is I'm trying to use `DSS1` algorithm to sign some data and I want to get that algorithm from the output of `openssl_get_md_methods()`. Bu with this setup the output of this method is https://pastebin.com/9hmP4DtQ But in another setup, I have both the SSL versions same(1.0.1f with php vesion 5.5.9) where the response of that method is https://pastebin.com/TD2p4xDU – venu Bondugula Dec 28 '17 at 14:21
You should actually open another question when the question changes like this. However, according to https://github.com/sparkle-project/Sparkle/issues/1132, you can use SHA1 instead of DSS1. This also explains why this change happened. Another option is to find a PHP version that uses OpenSSL 1.0.1f, however it is not recommended to use previous versions of software. – Tero Kilkanen Dec 29 '17 at 07:54

SSL Version and Open SSL version are different in ubuntu 14.04 with php version 5.6

1 Answers1