FreeBDS 7 and TLS 1.2

Q

question

I've been told by one of my system administrators that my server won't support the latest SSL/TLS versions because I'm using FreeBSD 7 and it's no longer supported and too old.

Is there anyway to get a good version of TLS working on my FreeBSD 7 server so that I can server TLS/SSL certificates and websites where the PADLOCK or SSL SECURE LOCK will show without errors?

Thanks in advance.
 
I know this and I've been told it many many many times. I'm not that dumb to not know it myself either.

I plan on migrating to a new server, but first I have to have my customer's SSL working properly if at all possible on FreeBSD 7.

So I want to know if I can get the SSL/TLS working properly in the browser window on FreeBSD 7.
 
AS far as I know I just have to update OpenSSL. I wonder if I can do that manually just to get by for the day until I can get a new server and move things over?
 
As you can see since I'm still on FreeBSD 7 I'm not into just trying things. I was wondering if anyone knows if I can upgrade or rebuild a new version of OpenSSL on my FreeBSD 7.
 
question said:
AS far as I know I just have to update OpenSSL. I wonder if I can do that manually just to get by for the day until I can get a new server and move things over?
Click to expand...

Judging by your posting history, you were already told to upgrade that server, like, five years ago. What's the point of holding to this specific FreeBSD version? This would be (somewhat) understandable if that installation were working ok, but evidently it doesn't.
 
You can try. Download the source for today's OpenSSL, and start compiling. The chance of succeeding out of the box is very low. You can either try to find some sort of archive place (the internet archive?) that has a 10-year old copy of the FreeBSD port tree. Or you can start modifying the source and make files until it starts working. It would probably take an experienced engineer a day or two to get it to work. I don't know whether you are an an experienced software engineer.

I would suggest that you also immediately start either upgrading the system (which is theoretically possible, although most likely very tedious), and/or setting up a new system from scratch.
 
shkhln said:
Judging by your posting history, you were already told to upgrade that server, like, five years ago. What's the point of holding to this specific FreeBSD version? This would be (somewhat) understandable if that installation were working ok, but evidently it doesn't.
Click to expand...

I'm not here to discuss irrelevant things like this. If you have the solution, great. Please share, I'd appreciate it. Otherwise keep the creative and off-topic replies to yourself.
 
ralphbsz said:
You can try. Download the source for today's OpenSSL, and start compiling. The chance of succeeding out of the box is very low. You can either try to find some sort of archive place (the internet archive?) that has a 10-year old copy of the FreeBSD port tree. Or you can start modifying the source and make files until it starts working. It would probably take an experienced engineer a day or two to get it to work. I don't know whether you are an an experienced software engineer.

I would suggest that you also immediately start either upgrading the system (which is theoretically possible, although most likely very tedious), and/or setting up a new system from scratch.
Click to expand...

Do I really need your permission to try? I came here to ask if anyone had a working solution, not a bunch of nonsense. I likely won't be back to read any replies to this until I forget that there is nothing useful here that I didn't already know.
 
Simple as that, if you're unwilling to take the only sane advice, you're on your own. Running EOL systems was always one of the worst ideas, back in the 90s as well as now, and independent of the brand as well. So please don't tell silly stories. By not upgrading in almost 10 years, you caused the trouble you're in right now -- be thankful it's "only" missing support for any secure version of TLS. Now go fix it. Insulting people here will NOT fix it.
 
In times of Corona this thread made me laugh. Serious, if someone wants to use ancient versions why not.
Your just 99.9999999% on your own. Have fun.
 
question said:
Do I really need your permission to try? I came here to ask if anyone had a working solution, not a bunch of nonsense. I likely won't be back to read any replies to this until I forget that there is nothing useful here that I didn't already know.
Click to expand...
I love these threads. You come here asking for help and you get 20 guys telling you tp spend a month upgrading 90 pieces of software and rebuilding an entire server, as if there weren't good reasons that you're still using an old version of the os. As if these seasoned veterans don't know how much work it would be to upgrade from 7 to 11 or 12, when all you want to do is upgrade one thing.
 
Barney said:
I love these threads. You come here asking for help and you get 20 guys telling you tp spend a month upgrading 90 pieces of software and rebuilding an entire server, as if there weren't good reasons that you're still using an old version of the os. As if these seasoned veterans don't know how much work it would be to upgrade from 7 to 11 or 12, when all you want to do is upgrade one thing.
Click to expand...
Well, if that makes you happy, you can think of the forum rules as a great conspiracy to push people to pay money for the support. There are definitely ways of isolating old software (like VMs), which may be applicable here, but we aren't going to guide you through the whole such setup for free.
 
shkhln said:
Well, if that makes you happy, you can think of the forum rules as a great conspiracy to push people to pay money for the support. There are definitely ways of isolating old software (like VMs), which may be applicable here, but we aren't going to guide you through the whole such setup for free.
Click to expand...
Perhaps he was hoping to find someone also running an old version that could help him? Nobody is asking you to help anyone if you don't want to. It's supposed to be a community; not a bunch of angry old men scolding people for doing things differently than they're doing it.
 
question said:
As you can see since I'm still on FreeBSD 7 I'm not into just trying things. I was wondering if anyone knows if I can upgrade or rebuild a new version of OpenSSL on my FreeBSD 7.
Click to expand...
Why are you even going this route? Have you considered fronting the system with a reverse proxy (on a current OS) that does the job for you? It's hack-ish but it would be a reasonably quick workaround until you manage to upgrade.
 
cmoerz said:
Why are you even going this route? Have you considered fronting the system with a reverse proxy (on a current OS) that does the job for you? It's hack-ish but it would be a reasonably quick workaround until you manage to upgrade.
Click to expand...

You know you're replying to a question almost 3 years old, right? :p
 
You must log in or register to reply here.
Back
Top