Finding the Open SSL Version used by WAF


This article applies to:

  • All Versions of WAF

Question:

  • How can I tell what version of SSL the WAF is using?
  • The SSL Spec for WAF 7.5 SP4 shows that WAF uses OpenSSL 1.0.1s. However, in /opt/breach/bwd/lib the versions of both libssl and libcrypto appear as 1.0.0. 

Procedure:

WAF installs and uses its own copy of OpenSSL executables. This may not be the same version as the OpenSSL provided by the operating system.

To determine the version of OpenSSL used by WAF:

  1. Connect to the WAF server using SSH
  2. Log in as BGSE> su - for root. 
  3. Type: 
     
      # export LD_LIBRARY_PATH=/opt/breach/bwd/lib; /opt/breach/bwd/bin/openssl version
     
  4. You can also determine the version of OpenSSL used by the operating system by simply typing:

      # openssl version

Last Modified 10/10/2016.
https://support.trustwave.com/kb/KnowledgebaseArticle20615.aspx