![]() We simply told the dynamic linker to include new libraries. Or maybe you will get an error with loading shared libraries? In order to fix that problem we need to create an entry in ldconfig.Ĭreate following file: sudo vi /etc/ld.so.conf.d/openssl-1.1.1c.confĪnd paste there following contents: # /etc/ld.so/conf.d/openssl-1.1.1c.conf Then you can check the version of your OpenSSL client. ![]() Save the file and reload your shell, for instance log out and log in again. In order to do that, create following file: sudo vi /etc/profile.d/openssl.shĪnd paste there following content: # /etc/profile.d/openssl.sh Instead of overriding files I personally like to create new profile entry and force the system to use compiled version of OpenSSL. The reason is that when there is new version of OpenSSL and you will install it via yum, it will simply override compiled version, and you will have to recompile it again. Why? Because it's also installed on your server. I rarely override packages installed via yum. Add new version to PATHĪfter the installation you will probably want to check the version of OpenSSL but it will print out old version. Once the OpenSSL is installed, you can remove the sources and tar.gz package. In order to install library you need to execute: sudo make install If there are any, you need to fix them before installing library. It is worth to run the tests to see if there are any unexpected errors. shared will force crating shared libraries and zlib means that compression will be performed by using zlib library Prefix and openssldir sets the output paths for OpenSSL. config -prefix=/usr/local/openssl -openssldir=/usr/local/openssl shared zlib Now it's time to configure and compile OpenSSL. In order to decompress it use following command: tar -zxvf OpenSSL_1_1_1c.tar.gz In order to download source code, use following command: curl -O -L If you want to read more about it, use this link. And I think that it's a bit more secure to have OpenSSL without FIPS, as fixes are usually included much faster in regular version than in FIPS version. I choose the version without FIPS simply because I don't need compatibility with it. ![]() Next download latest version of OpenSSL source code. It will install compiler and few other libraries that are required to compile OpenSSL. In order to compile it successfully you need to install some tools that will help you compile it: sudo yum install libtool perl-core zlib-devel -y It will print out version of installed package like OpenSSL 1.0.2k-fips How to install latest version of OpenSSL? In order to check current version of installed package you need to execute following command: openssl version If you need it for any other reason, this tutorial is for you:) How to check current version of OpenSSL? I needed it for compiling Apache HTTP with HTTP/2 support back then and now I'm using new version every time it's released. Default version is doing great job and it's secure. Hi there, today I would like to show you how to install latest version of OpenSSL ( 1.1.1c) on CentOS 7 Do I need latest version of OpenSSL? ![]()
0 Comments
Leave a Reply. |