What’s new? OPENSSL 1.1.1a
https://www.openssl.org/blog/blog/2018/09/11/release111/
1. compiler
yum group install 'Development Tools'
yum install perl-core zlib-devel -y
2. openssl download
cd /usr/local/src
wget https://www.openssl.org/source/openssl-1.1.1a.tar.gz
tar -xvzf openssl-1.1.1a.tar.gz
3. openssl compile
cd openssl-1.1.1a
./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
make
make test
make install
4. Configure Link Libraries
cd /etc/ld.so.conf.d/
vi openssl-1.1.1a.conf/usr/local/ssl/lib
4.1 Now reload the dynamic link using the command below
ldconfig -v
5. backup
mv /usr/bin/openssl /usr/bin/openssl.BEKUP
6. Create new environment files for OpenSSL
vi /etc/profile.d/openssl.sh
#Set OPENSSL_PATH
OPENSSL_PATH=/usr/local/ssl/bin
export OPENSSL_PATH
PATH=$PATH:$OPENSSL_PATH
export PATH
6.1 final work
chmod +x /etc/profile.d/openssl.sh
source /etc/profile.d/openssl.sh
echo $PATH
which openssl
7. Testing
openssl version -a
OpenSSL 1.1.1a 20 Nov 2018
built on: Thu Nov 22 04:36:16 2018 UTC
platform: linux-x86_64
8. Ngnix install 1.15.x
vi /etc/yum.repos.d/nginx.repo
[nginx] name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=18.1 install and start
yum install nginx
systemctl start nginx
systemctl enable nginx
8.1 add service to firewalld
firewall-cmd --add-service=http --permanent
firewall-cmd --reload
9. Firefox Support TLS 1.3
https://www.wikihow.com/Enable-TLS-1.3-in-Mozilla-Firefox
https://support.cloudflare.com/hc/en-us/articles/227172348-How-do-I-enable-TLS-1-3-
10. 참고 사이트
blacksaildivision.com/how-to-install-openssl-on-centos
www.vultr.com/docs/how-to-compile-nginx-from-source-on-centos-7
www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/
11. 관련 블로그