Upgrading Openssl without touching the existing running Apache httpd

Jephe Wu - http://linuxtechres.blogspot.com

Environment:
Linux server, httpd 2.2.15, Openssl 1.0.0
Objective
: upgrading Openssl from 1.0.0 to 1.0.0a without touching running Apache configuration


Steps: 
firstly, backup /usr/local/apache2 directory.

1. compile new version of openssl 1.0.0a first
mv /usr/local/ssl /usr/local/ssl.1.0.0
cd ~jephe
cd openssl1.0.0a
./config;make;make test;make install


2. reconfigure apache with the new version of ssl

cd ~jephe
cd httpd-2.2.15
./config.nice
make

 ---------
note:
[root@web1 httpd-2.2.15]# more config.nice
#! /bin/sh
#
# Created by configure

"./configure" \
"--prefix=/usr/local/apache2" \
"--enable-mods-shared=most ssl rewrite deflate headers expires mime-magic unique-id" \
"--with-ssl=/usr/local/ssl" \
"$@"

----------
Now, running the following command to generate new ssl module

/home/jephe/httpd-2.2.15/srclib/apr/libtool --silent --mode=install cp mod_ssl.la /tmp
then copy /tmp/mod_ssl.so to replace the working one /usr/local/apache2/modules/ssl/mod_ssl.so(backup first)

or directly install to /usr/local/apache2/modules/

cd ~jephe/httpd-2.2.15/modules/ssl
../../build/instdso.sh /home/jephe/httpd-2.2.15/srclib/apr/libtool mod_ssl.la /usr/local/apache2/modules/
(backup mod_ssl.so first)

3. restart apache and confirm the version

/usr/local/apache2/bin/apachectl graceful
less /usr/local/apache2/logs/error_log

4. References
http://httpd.apache.org/docs/2.2/programs/apxs.html
http://httpd.apache.org/docs/2.2/dso.html