Update OpenSSL to 1.0.1g using Ansible

install.sh

#!/bin/bash
# roles/openssl/files/install.sh

wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz -O /tmp/openssl-1.0.1g.tar.gz

cd /tmp
tar -xvzf openssl-1.0.1g.tar.gz

cd openssl-1.0.1g

./config --prefix=/usr         \
  --openssldir=/etc/ssl \
  --libdir=lib          \
  shared                \
  zlib-dynamic

make install

make clean

cd ..

rm -rf openssl-1.0.1g.tar.gz openssl-1.0.1g/

main.yml

# roles/openssl/tasks/main.yml
---
- name: check openssl version
  shell: "openssl version"
  ignore_errors: yes
  register: openssl_version_query
  tags: openssl

- script: install.sh
  when: openssl_version_query.stdout.find('1.0.1g') == -1
  tags: openssl

You'll want to make sure you don't have any systems that currently have the old version of OpenSSL running too.

Use lsof -n | grep ssl | grep DEL to find them and restart those services.