Openssl version needed going forward?

#1

There is a warning Openssl 1.0.1 is deprecated. Which version should I need to upgrade to continue using letsencrypt certificates going forward?

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

#2

What warning?

Please answer the questions above.

1 Like
#3

When I try many operations, such checking the status of my certificates, I get the following warning.

/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py:163: CryptographyDeprecationWarning: OpenSSL version 1.0.1 is no longer supported by the OpenSSL project, please upgrade. A future version of cryptography will drop support for it.
utils.CryptographyDeprecationWarning

What version of OpenSSL do I need to update to?

#4

1.0.2 would be sufficient.

#5

I have 1.0.1t. When I tried to update, my system says the latest is installed. I have already done apt-get update, and apt-get upgrade.

#6

With non-rolling release OSes, it’s often necessary to upgrade to a newer release of the OS to get a newer version of core system libraries like OpenSSL.

1 Like
#7

Could you please give me a link for how to do this? Is there any chance other parts if my system such as the Apache server could break with such a manual update?

#8

Hi @Cqc,

You haven’t given our community enough information to help you with this. Can you answer all of the questions from the original help template?

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

#9

My problem description is simpler now. The warning appears simply by running the version command

certbot-auto --version
output:
/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py:163: CryptographyDeprecationWarning: OpenSSL version 1.0.1 is no longer supported by the OpenSSL project, please upgrade. A future version of cryptography will drop support for it.
utils.CryptographyDeprecationWarning
certbot 0.32.0

(so independent of my domains)

Server version: Apache/2.4.10 (Raspbian)

Raspberry Pi3 Raspbian
4.14.59-v7+ #1131 SMP Thu Aug 2 15:57:42 BST 2018 armv7l GNU/Linux

Yes, I ran the above as root

certbot-auto version 0.32.0

Thank you for any help!

closed #10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.