we are using apache webserver ver 2.2.3 with open SSL version 0.9.8e-fips-rhel5 (linux environment). We are required to upgrade the openSSL to the latest version for security reasons. I have following doubts
as per https://www.openssl.org/news/secadv_20140605.txt, ver 0.9.8 should be upgraded to 0.9.8za. Please let me know if its ok to upgrade to 0.9.8za or we should go for 1.0.1h
what is the procedure of upgrading openssl which comes with apache webserver
Is it required to regenerate the keys and certificate again