Scribd
Upload
8 views

How to Install the latest OpenSSL version from Source on Linux

Uploaded by

Cong Toan Truong
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
8 views

How to Install the latest OpenSSL version from Source on Linux

Uploaded by

Cong Toan Truong
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

7/21/2019 How to Install the latest OpenSSL version from Source on Linux

Log in or Sign up

Search...

Tutorials Tags Forums Linux Commands Subscribe ISPConfig News

 Tutorial search

Home How to Install the latest OpenSSL version from Source on Linux

Ad Scan your Web-Server for Malware with ISPProtect now. Get Free Trial.

How to Install the latest OpenSSL version from Source on Linux

OpenSSL is a widely used crypto library that implements SSL On this page
and TLS protocols for secure communication over computer
networks. OpenSSL is used by many programs like Apache What we will do?
Web server, PHP, Postfix and many others. OpenSSL provides Step 1 - Install Dependencies
support for various cryptographic algorithms such as ciphers On Ubuntu
(AES, Blowfish, DES, IDEA etc.), cryptographic hash functions On CentOS
(MD5, MD4, SHA-1, SHA-2 etc.) and public key cryptography Step 2 - Download OpenSSL
(RSA, DSA, Diffie-Hellman key exchange). Step 3 - Install OpenSSL
Install and Compile OpenSSL
Configure Link Libraries
In this tutorial, I will show you step by step how to install the
Configure OpenSSL Binary
latest stable OpenSSL version from source on Ubuntu 18.04 Step 4 - Testing
and CentOS 7.6 servers. Reference

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 1/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

What we will do?


Install Dependencies
Download OpenSSL Source Code
Install OpenSSL
Compile and Install OpenSSL
Configure Link Libraries
Configure OpenSSL Binary
Testing

Step 1 - Install Dependencies

The first step, before we can compile the OpenSSL library from source, is to install some package dependencies including
the 'build-essential' package on Ubuntu, or 'Development Tools' package on CentOS.

On Ubuntu

Update the Ubuntu repository and install package dependencies for software compilation using the apt command below.

sudo apt update


sudo apt install build-essential checkinstall zlib1g-dev -y

On CentOS

Install the 'Development Tools' and some packages libraries using the yum command.

yum group install 'Development Tools'


yum install perl-core zlib-devel -y
https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 2/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

After the installation is complete, go to the next step.

Step 2 - Download OpenSSL

In this tutorial, we will install the latest stable version of OpenSSL - OpenSSL 1.0.2o. You can download the source code from
the OpenSSL site.

Go to the '/usr/local/src' directory and download the OpenSSL source code using wget.

cd /usr/local/src/
wget https://www.openssl.org/source/openssl-1.0.2o.tar.gz

Now extract the openssl.tar.gz file, and go to the 'openssl' directory.

tar -xf openssl-1.0.2o.tar.gz


cd openssl-1.0.2o

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 3/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

The OpenSSL source code has been downloaded.

Step 3 - Install OpenSSL

Before installing the custom OpenSSL version to the system, let's check the installed version using the command below.

openssl version -a

Below is my results on Ubuntu:

And this is on CentOS:

We will replace the '1.1.0g' version with the latest stable version 1.0.2o.

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 4/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

We will install the new OpenSSL version to the specific directory '/usr/local/ssl', and then enable the Link Libraries of
OpenSSL, and configure the new binary PATH for OpenSSL.

Install and Compile OpenSSL

Go to the openssl downloaded directory '/usr/local/src/openssl'.

cd /usr/local/src/openssl-1.0.2o

Configure and compile OpenSSL with commands below.

./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib

make
make test

Wait for the OpenSSL compile process.

Note:

--prefix and --openssldir = Set the output path of the OpenSSL.


shared = force to create a shared library.
zlib = enable the compression using zlib library.

When the compile process is complete, install the OpenSSL using the command below.

make install

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 5/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

OpenSSL is installed in the '/usr/local/ssl' directory.

Configure Link Libraries

Next, we will configure the shared libraries for OpenSSL. The new OpenSSL binary will load library files from the
'/usr/local/ssl/lib' directory.

Go to the '/etc/ld.so.conf.d' directory and create new configuration file 'openssl-1.0.2o.conf'.


https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 6/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

cd /etc/ld.so.conf.d/
vim openssl-1.0.2o.conf

Paste the openssl library path directory.

/usr/local/ssl/lib

Save and exit.

Now reload the dynamic link using the command below.

sudo ldconfig -v

And you will see the OpenSSL libraries on the '/usr/local/ssl/lib' directory has been loaded.

Ubuntu:

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 7/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

CentOS:

Configure OpenSSL Binary

We will replace the default openssl binary '/usr/bin/openssl or /bin/openssl' with the new version '/usr/local/ssl/bin/openssl'.

On Ubuntu 18.04 LTS

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 8/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

Backup the binary files.

mv /usr/bin/c_rehash /usr/bin/c_rehash.BEKUP
mv /usr/bin/openssl /usr/bin/openssl.BEKUP

Edit the '/etc/environment' file using vim.

vim /etc/environment

Now add the new OpenSSL binary directory as below

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/game
s:/usr/local/ssl/bin"

Save and exit.

Reload the environment file and test the new updated binary PATH.

source /etc/environment
echo $PATH

Now check again the OpenSSL binary file.

which openssl

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 9/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

You will get the result as below.

The binary path of OpenSSL for Ubuntu has been updated.

On CentOS 7.6

Backup the CentOS OpenSSL binary files.

mv /bin/openssl /bin/openssl.BEKUP

Create new environment files for OpenSSL.

vim /etc/profile.d/openssl.sh

Paste configuration below.

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 10/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

#Set OPENSSL_PATH
OPENSSL_PATH="/usr/local/ssl/bin"
export OPENSSL_PATH
PATH=$PATH:$OPENSSL_PATH
export PATH

Save and exit.

Make the openssl.sh file executable.

chmod +x /etc/profile.d/openssl.sh

Load the OpenSSL environment and check the PATH bin directory using commands below.

source /etc/profile.d/openssl.sh
echo $PATH

Now check the OpenSSL file.

which openssl

You will get the result as below.

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 11/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

The binary path for OpenSSL on CentOS has been updated.

Step 4 - Testing

Test the OpenSSL new version using the following command.

openssl version -a

The result on Ubuntu.

https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 12/19
7/21/2019 How to Install the latest OpenSSL version from Source on Linux

Result on CentOS.

The new latest stable version of OpenSSL has been installed from source on Linux Ubuntu 18.04 and CentOS 7.5.

Reference
https://wiki.openssl.org/

About Muhammad Arul

Muhammad Arul is a freelance system administrator and technical writer. He is working with Linux Environments for more
than 5 years, an Open Source enthusiast and highly motivated on Linux installation and troubleshooting. Mostly working
with RedHat/CentOS Linux and Ubuntu/Debian, Nginx and Apache web server, Proxmox, Zimbra Administration, and
Website Optimization. Currently learning about OpenStack and Container Technology.

view as pdf | print


https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/ 13/19

You might also like