Hi @duanew
What I did was:
Step 0. DO A BACKUP!!!!! Oh my word, do not forget this step!
1. Download the latest version of openSSL from [
slproweb.com]
2. it's important to ensure that you have the version of the Microsoft Visual C++ redistributable package that matches the version of openssl you had downloaded. To be honest, this is where I kept getting tripped up, but I simply searched microsoft for all of them and installed them all (I needed some for other applications there anyway). I think the SL guys use visual studio 2013, so aim for the 2013 releases at least, and I'd probably do both 32bit and 64bit.
3. Once openSSL has been installed locally, go the the INSTALLDIR\bin\ folder, and copy the following files:
- libeay32.dll
- ssleay32.dll
- openssl.exe
4. Go to your WAMP\bin\apache\apache.ver\bin folder and paste the above files there.
5. At this stage, test the httpd config syntax. I'm a little rusty on the process, because it's now a button to simply click in WAMP 3.0, but I think you open a command window in your apache bin folder and run:
httpd.exe -t
- If there are any errors, address them, but I wouldn't think you'd see any if you have the right C++ libraries installed.
6. Restart your web services and it should come up now.
I hope that helps. I just went through a server migration, so I have done the steps as a from-scratch setup, so hopefully I've included the right info for a simple openSSL update.
From what you've mentioned though, you may need to see if you can update the actual version of cURL that is being used, although I would probably be wrong on that...
One last piece of info that might come in use - if you want to update your own server to have better SSL security, the Mozilla guys put out a good apache config generator. It's available at [
mozilla.github.io]. It's really quick and neat, and will list the minimum spec of common browsers and OSs that are compatible with the particular profile you choose (modern, intermediate, etc).
Hope that helps!
-Nathan