> the result of freeradius -X isHi, you don’t need to change libssl. The above is a safety measure introduced after Heartbleed.
> Refusing to start with libssl version OpenSSL 1.0.1 14
> Mar 2012 (in range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed)
>
> how can I change the libssl then? what's the command?
What you *do* need to do is modify radiusd.conf and change the "allow_vulnerable_openssl" setting to "yes", since this is a Debian system and the Debian maintainers chose to patch their OpenSSL package instead of moving to the fixed version (1.0.1g).
Stefan
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238