1.0.1e has a lot of security issues including heartbleed vulnerability (
http://heartbleed.com).
It seems that the version shipped with your linux distro fixed this bug but we refer to the offical openssl codebase in our docs.
Technically (or api wise) its not a problem to use 1.0.1e but it maybe insecure.
But to be on the safe sdide we recommend to use always the most recent version of openssl (as of 17. Jan 2017 its 1.0.2j and 1.1.0c).
You can do this by compiling it yourself (instead of relying on the version shipped with your linux distribution) or use our statically compiled
version of the netty tcnative openssl library (currently openssl 1.0.2h for SG2 and 1.0.2j for SG5)
Hope this helps
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
search-guard...@googlegroups.com.
> To post to this group, send email to
search...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/search-guard/a1e57b95-2f1a-4e79-8f30-e10f4369c6cd%40googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.