Miscellaneouss

How To Upgrade OpenSSL On RHEL And CentOS Operating Systems

upgrade-openssl
mm
Written by Santosh Prasad

OpenSSL is an open source tools for using the Secure Socket Layer (SSL) Transport Layer Security (TLS) protocol for web authentication. It provides cryptographic functionality, specifically SSL/TLS for popular applications such as secure web server, MySQL, Email and many more.

In this tutorial I will describe how you can upgrade OpenSSL on RHEL and CentOS systems.

Verify Current Installed OpenSSL Version

Follow the below command to get the current version of your system’s OpenSSL version.

# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

OR, Alternatively you can also check the available version in the vendors directory too using below command

# yum info openssl

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.ratiokontakt.de
 * epel: mirrors.n-ix.net
 * extras: mirror.de.leaseweb.net
 * updates: mirror.softaculous.com
Installed Packages
Name        : openssl
Arch        : x86_64
Epoch       : 1
Version     : 1.0.1e
Release     : 51.el7_2.1
Size        : 1.5 M
Repo        : installed
From repo   : updates
Summary     : Utilities from the general purpose cryptography library with TLS
            : implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
            : between machines. OpenSSL includes a certificate management tool
            : and shared libraries which provide various cryptographic
            : algorithms and protocols.

Available Packages
Name        : openssl
Arch        : x86_64
Epoch       : 1
Version     : 1.0.1e
Release     : 51.el7_2.2
Size        : 711 k
Repo        : updates/7/x86_64
Summary     : Utilities from the general purpose cryptography library with TLS
            : implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
            : between machines. OpenSSL includes a certificate management tool
            : and shared libraries which provide various cryptographic
            : algorithms and protocols.

Download Latest OpenSSL Version

Follow the below command to download the latest OpenSSL.

# cd /usr/local/src
# wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
# tar -zxf openssl-1.0.2-latest.tar.gz

Compile And Install/Upgrade OpenSSL

Follow the below command to manually compile OpenSSL and install/upgrade it.

# cd openssl-1.0.2a
# ./config
# make
# make test
# make install

Now again verify the installation if you get same old version, please make a copy of OpenSSL bin file like below.

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

Now verify OpenSSL version again.

# openssl version
OpenSSL 1.0.2e 3 Dec 2015

That’s it.

Note : Compiling OpenSSL major version it may be corrupt other system binaries. Please be careful.

I hope this article will help to upgrade OpenSSL version on RHEL and CentOS systems. If you have any queries and problem please comment in comment section.

Thanks:)

About the author

mm

Santosh Prasad

Hi! I'm Santosh and I'm here to post some cool article for you. If you have any query and suggestion please comment in comment section.

1 Comment

  • this won’t upgrade the SSL itself it’s just the openssl but not the mod_ssl to be used in the apache.

Leave a Comment