Rebuild Apache with OpenSSL 1.0.2k

I would like to upgrade the version of OpenSSL used by Apache from the default OpenSSL 1.0.1e to a newer, more secure version.  I have manually compiled OpenSSL 1.0.2k and it is sucessfully installedon the server:

Code: [Select]

# openssl version
OpenSSL 1.0.2k  26 Jan 2017
However when I view the Apache headers I can see that it is still using the old version:

Code: [Select]

Server:Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips
I rebuilt Apache and edited the default configuration to use the include folder from the new openssl

original:

Code: [Select]

--enable-ssl=/usr/include/openssl
new:

Code: [Select]

--enable-ssl=/usr/src/openssl-1.0.2k/include/openssl
However Apache still reports 1.0.1e.  What can I do to rebuild Apache with the new SSL version?  What am I missing? If I symlink  /usr/src/openssl-1.0.2k/include/openssl to /usr/include/openssl  would that work?  Any help anyone could provide with this would be really helpful as I've been looking at this for about a month without sucess.

why you didn't using the default version ? the security patches are updated regularly on base version rather the version number remains the same

It's for PCI compliance, the default version comes up as a PCI fail.

Last night I attempted to rebuild Apache  after symlinking /usr/src/openssl-1.0.2k/include/openssl to /usr/include/openssl and that just broke Apache completely. 

we haven't tested as this is a custom request and at the moment we use default centos/epel packages for ssl.
For custom requests you would need to google about it or contact our development team for custom project.