Tuesday, February 28, 2023

CentOS 7 -- Custom Installation of OpenSSL 3 from Source Code

Problem

You want to manually perform custom installation of OpenSSL from the source code

Solution

For purposes of this note, OpenSSL version 3.0.8 will be installed in /usr/local/openssl308 directory

1) Create the target directory:

$ sudo mkdir -p /usr/local/openssl308
$ cd /usr/local/openssl308

2) Download the source code:

$ sudo wget https://www.openssl.org/source/openssl-3.0.8.tar.gz
$ sudo tar xf openssl-3.0.8.tar.gz
$ cd openssl-3.0.8 

3) Identify the location of the openssl.cnf file, this location will be used further in the --openssldir parameter of the config command:

$ sudo find /etc/ -name openssl.cnf -printf "%h\n"
/etc/pki/tls

4) Build the custom OpenSSL:

Build the custom openssl:

$ sudo yum install perl-IPC-Cmd
$ sudo ./config \
  --prefix=/usr/local/openssl308 \
  --libdir=lib \
  --openssldir=/etc/pki/tls shared zlib
$ sudo make depend
$ sudo make -s
$ sudo make install_sw
$ cd /usr/local/openssl308
$ sudo ldconfig /usr/local/openssl308/lib

5) Verify the custom openssl:

$ /usr/local/openssl308/bin/openssl version
OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023)

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)