Hello again info-WASD.
I have back-ported the v10.3.0 SSL update suitable all version of v10.n,
built and tested it against 10.0.3, 10.1.1 and 10.2.1, with both the latest
OpenSSL 1.0.1j and HP SSL V1.4-493. (This was substantially in-place prior
to uncovering the workaround reported in the recent reply to Olivia.) There
are some accommodations for these earlier versions of WASD but in the
essentials it is much the same as previously advised for v10.3.0.
The archive can be download from the usual location
http://wasd.vsm.com.au/wasd/
The package contains source code only and must be updated using the COMPILE
option. There are too many combinations to provide per-release object code.
Restore to the WASD location and update the SSL.
$ @WASD_FILE_DEV
$ SET DEFAULT WASD_ROOT:[000000]
$ UNZIP location:SESOLA141113.ZIP
$ @UPDATE SSL !*** be sure to choose the COMPILE option ***
$ INSTALL REPLACE WASD_EXE:HTTPD_SSL.EXE
$ HTTPD/DO=RESTART=NOW
The server release number remains the same (i.e. 10.n.n) but the server
identification string shows an additional value appended, for example
"HTTPd-WASD/10.0.3 OpenVMS/AXP SSL/141113"
Checking whether a specific protocol version is enabled on a site:
$ openssl s_client -ssl2 -host <host name or address> -port 443
$ openssl s_client -ssl3 -host <host name or address> -port 443
$ openssl s_client -tls1 -host <host name or address> -port 443
$ openssl s_client -tls1_1 -host <host name or address> -port 443
$ openssl s_client -tls1_2 -host <host name or address> -port 443
$ openssl s_client -host <host name or address> -port 443
Please feedback on success (or otherwise) if anyone uses this approach.
Cheers, Mark.
|