Table of Contents
OpenSSL is a robust, widely-used toolkit that provides support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a general-purpose cryptography library. Installing and maintaining the latest version of OpenSSL is essential for ensuring secure communication and data protection on your CentOS system.
.. root@centos8
.PLTJ. ------------
<><><><> OS: CentOS Linux 8 x86_64
KKSSV' 4KKK LJ KKKL.'VSSKK Host: Virtual Machine 7.0
KKV' 4KKKKK LJ KKKKAL 'VKK Kernel: 4.18.0-348.el8.x86_64
V' ' 'VKKKK LJ KKKKV' ' 'V Uptime: 3 hours, 19 mins
.4MA.' 'VKK LJ KKV' '.4Mb. Packages: 818 (rpm)
. KKKKKA.' 'V LJ V' '.4KKKKK . Shell: bash 4.4.20
.4D KKKKKKKA.'' LJ ''.4KKKKKKK FA. CPU: AMD EPYC 7763 (8) @ 2.445GHz
<QDD ++++++++++++ ++++++++++++ GFD> GPU: 00:08.0 Microsoft Corporation Hyper-V virtual VGA
'VD KKKKKKKK'.. LJ ..'KKKKKKKK FV Memory: 449MiB / 32151MiB
' VKKKKK'. .4 LJ K. .'KKKKKV '
'VK'. .4KK LJ KKA. .'KV'
A. . .4KKKK LJ KKKKA. . .4
KKA. 'KKKKK LJ KKKKK' .4KK
KKSSA. VKKK LJ KKKV .4SSKK
<><><><>
'MKKM'
''This tutorial goes through how to install OpenSSL 3+ on CentOS 8 Linux, since the yum repo only installs up to OpenSSL 1.1.1.
#The OpenSSL when installing from repo
openssl version
OpenSSL 1.1.1k FIPS 25 Mar 2021Before you begin
1. SSH to your Linux server with a sudo user then update the system then install the require packages:
sudo yum -y update
sudo yum install -y make gcc perl-core pcre-devel wget zlib-devel2. Download the latest version of OpenSSL source code:
wget https://www.openssl.org/source/openssl-3.1.6.tar.gzConfigure, build and install OpenSSL
3. Uncompress the source file then changes to the OpenSSL directory:
sudo tar -xzvf openssl-3*.tar.gz
cd openssl-3*/4. Configure the package for compilation, compile package then installs compiled package:
./config --prefix=/usr --openssldir=/etc/ssl --libdir=lib no-shared zlib-dynamic
sudo make -j ${nproc}
sudo make test
sudo make install -j ${nproc} Export library path
5. Create environment variable file then doad the environment variable:
echo "export LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64" >> /etc/profile.d/openssl.sh
source /etc/profile.d/openssl.sh6. Finally, verify the OpenSSL version:
[root@ct7 ~]# openssl version
OpenSSL 3.1.1 30 May 2023 (Library: OpenSSL 3.1.1 30 May 2023)Installation script
All above steps can be run automatically with the below bash script:
sudo yum -y update
sudo yum install -y make gcc perl-core pcre-devel wget zlib-devel
wget https://www.openssl.org/source/openssl-3.1.6.tar.gz
sudo tar -xzvf openssl-3*.tar.gz
cd openssl-3*/
./config --prefix=/usr --openssldir=/etc/ssl --libdir=lib no-shared zlib-dynamic
sudo make -j ${nproc}
sudo make test
sudo make install -j ${nproc}
echo "export LD_LIBRARY_PATH=/usr/local/lib:/usr/local/lib64" >> /etc/profile.d/openssl.sh
source /etc/profile.d/openssl.sh
openssl versionCreate a bash script using your favorite text editor → make it executable then run it.
sudo nano installer.shsudo chmod +x installer.sh
./installer.shDirect installation bash script
Alternatively, we’ve created a bash script stored in GitHub. All you need to do are SSH to your server with a sudo account then run the following command:
sudo wget -qO - https://bonguides.com/linux/openssl3 | bashNot a reader? Watch this related video tutorial:
