What’s new? OPENSSL 1.1.1a

https://www.openssl.org/blog/blog/2018/09/11/release111/

 

1. compiler

yum group install ‘Development Tools’
yum install perl-core zlib-devel -y

2. openssl download

cd /usr/local/src
wget https://www.openssl.org/source/openssl-1.1.1a.tar.gz
tar -xvzf openssl-1.1.1a.tar.gz

3. openssl compile

cd openssl-1.1.1a

./config –prefix=/usr/local/ssl –openssldir=/usr/local/ssl shared zlib

make

make test

make install

 

4. Configure Link Libraries

cd /etc/ld.so.conf.d/
vi openssl-1.1.1a.conf

/usr/local/ssl/lib

4.1 Now reload the dynamic link using the command below

ldconfig -v

 

5. backup

mv /usr/bin/openssl /usr/bin/openssl.BEKUP

6. Create new environment files for OpenSSL

vi /etc/profile.d/openssl.sh

#Set OPENSSL_PATH
OPENSSL_PATH=/usr/local/ssl/bin
export OPENSSL_PATH
PATH=$PATH:$OPENSSL_PATH
export PATH

6.1  final  work

chmod +x /etc/profile.d/openssl.sh
source /etc/profile.d/openssl.sh
echo $PATH
which openssl

7. Testing

openssl version -a

OpenSSL 1.1.1a 20 Nov 2018
built on: Thu Nov 22 04:36:16 2018 UTC
platform: linux-x86_64

8. Ngnix install 1.15.x

vi /etc/yum.repos.d/nginx.repo

[nginx] name=nginx repo
baseurl=http://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1

8.1 install and start

yum install nginx

systemctl start nginx

systemctl enable nginx

8.1 add service to firewalld

firewall-cmd –add-service=http –permanent

firewall-cmd –reload

 

9. Firefox Support TLS 1.3

https://www.wikihow.com/Enable-TLS-1.3-in-Mozilla-Firefox

https://support.cloudflare.com/hc/en-us/articles/227172348-How-do-I-enable-TLS-1-3-

 

10. 참고 사이트

blog.bypass.sh/448

blacksaildivision.com/how-to-install-openssl-on-centos

www.vultr.com/docs/how-to-compile-nginx-from-source-on-centos-7

www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/