OpenSSL 1.1.1 / CentOS 6

Is there a way to install openssl 1.1.1 or later on centOS 6?

https://github.com/openssl/openssl/issues/19750

 

Using centOS 6 (i know..eol, but I can't switch or upgrade quite yet.). If relevant, please remember to tell us in what OpenSSL version you found the issue. Trying to install OpenSSL 1.1.1s by compiling from source Downloaded the openssl source code from openss.org (openssl-1.1.1s.tar.gz) to /usr/src/openssl-1.1.1s.tar.gz Then I unzipped it to to /usr/src/openssl-1.1.1s Then I cd'ed into /usr/src/openssl-1.1.1s issued the following commands   After that it appears that it it installed the new open SSL binary in /usr/local/bin (so /usr/local/bin/openssl is the location), and that it installed shared objects? in /usr/local/lib64 (libssl.so.1.1, libcrypto.so.1.1, libcrypto.a, libssl.a). When I move the old openssl (v 1.0.1e-fips) for safekeeping and copy /usr/local/bin/openssl and then do a ./openssl version I get: ./openssl: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory So, how can I get this to work? Any help is appreciated. Thank you!

 

 

 

Member

t8m commented on Nov 24, 2022 • 

edited 

Do NOT replace the system openssl library, you will certainly break your system. The system applications built against the 1.0.1e version will not run with 1.1.1. However, you can install the new version of openssl in /usr/local as you did. You might need to run ldconfig or configure the /usr/local/lib64 in /etc/ld.so.conf if the shared library loader cannot find the libcrypto.so.1.1 and libssl.so.1.1 placed there.

👍1

 

 t8m added triaged: question resolved: answered labels on Nov 24, 2022

 

 

Author

mrlerch commented on Nov 29, 2022

Thank you. Can you please tell me what to do with ldconfig or what to put in /etc/ld.so.conf? I certainly would appreciate it.

 

 

 

Member

t8m commented on Nov 29, 2022

You just put a line with /usr/local/lib64 in /etc/ld.so.conf and run ldconfig as root.

 

 

 

Author

mrlerch commented on Nov 29, 2022 via email  • 

edited 

So this will not replace anything, but include that path, right? On Nov 28, 2022, at 10:40 AM, Tomáš Mráz ***@***.***> wrote: You just put a line with /usr/local/lib64 in /etc/ld.so.conf and run ldconfig as root. —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: ***@***.***>

 

 

 

Member

t8m commented on Nov 29, 2022

Yes

 

 

 

Author

mrlerch commented on Nov 30, 2022

Thank you so much! That worked! Lifesaver you!

 

 

 

Author

mrlerch commented on Dec 13, 2022 via email 

Tomas, you rock. Thank you! That worked! Martin

 

 

 

Author

mrlerch commented on Jan 20

One more question. How can I get SSH to use the new OpenSSL? SSH -v output: OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 openssl version output: OpenSSL 1.1.1s 1 Nov 2022 Is it even possible? Thanks.

 

 

 

Member

t8m commented on Jan 20

You would have to build the openssh yourself to link it against the new openssl build. I personally would not recommend doing that unless you know what you're doing.