Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Installing OpenSSL

OpenSSL 1.1.1n has the following high-risk vulnerabilities. You are advised to fix them by referring to the official notice.

CVE-2022-2068: https://nvd.nist.gov/vuln/detail/CVE-2022-2068

CVE-2022-1292: https://nvd.nist.gov/vuln/detail/CVE-2022-1292

  1. Install TLS dependencies.
    yum install net-tools expect haveged dos2unix -y
  2. Obtain the openssl1.1.1n source package and decompress it.
    cd /usr/local
wget https://www.openssl.org/source/old/1.1.1/openssl-1.1.1n.tar.gz --no-check-certificate
tar -zxvf openssl-1.1.1n.tar.gz
  3. Compile and install openssl-1.1.1n.
    cd openssl-1.1.1n
./config 
make && make install
  4. Back up the OpenSSL of the source version and create links.
    mv /usr/bin/openssl /usr/bin/openssl.bak
mv /usr/include/openssl /usr/include/openssl.bak
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
ldconfig -v

    If there is no native OpenSSL, you do not need to perform the backup operation.

Parent topic: Server