How to install and update OpenSSL on Ubuntu 16.04
To install and update OpenSSL on Ubuntu 16.04
OpenSSL is an open-source implementation of the SSL and TLS protocols. It is so simple to install and update OpenSSL on a Ubuntu machine, and this article deals with the same.
To Install and Update OpenSSL
Before starting the installation of OpenSSL, get the current version of OpenSSL by using the following command.
root@linuxhelpubnt:~# openssl version
OpenSSL 1.0.2g 1 Mar 2016
After that, download the latest version of OpenSSL by deploying the following command.
root@linuxhelpubnt:~# cd /usr/src
root@linuxhelpubnt:/usr/src# wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
--2017-03-01 15:48:20-- https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
Resolving www.openssl.org (www.openssl.org)... 104.108.239.184, 2600:140f:b:186::c1e, 2600:140f:b:182::c1e
Connecting to www.openssl.org (www.openssl.org)|104.108.239.184|:443... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: https://www.openssl.org/source/openssl-1.0.2k.tar.gz [following]
--2017-03-01 15:48:21-- https://www.openssl.org/source/openssl-1.0.2k.tar.gz
Reusing existing connection to www.openssl.org:443.
HTTP request sent, awaiting response... 200 OK
Length: 5309236 (5.1M) [application/x-gzip]
Saving to: ‘ openssl-1.0.2-latest.tar.gz’
openssl-1.0.2-latest.tar.g 100%[=======================================> ] 5.06M 344KB/s in 19s
2017-03-01 15:48:40 (275 KB/s) - ‘ openssl-1.0.2-latest.tar.gz’ saved [5309236/5309236]
Once it is downloaded, extract the downloaded OpenSSL tar file as follows.
root@linuxhelpubnt:/usr/src# tar -zxf openssl-1.0.2-latest.tar.gz
To manually compile OpenSSL and install/upgrade OpenSSL, make use of the following command.
root@linuxhelpubnt:/usr/src# cd openssl-1.0.2k
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# ./config
Operating system: x86_64-whatever-linux2
Configuring for linux-x86_64
Configuring for linux-x86_64
no-ec_nistp_64_gcc_128 [default] OPENSSL_NO_EC_NISTP_64_GCC_128 (skip dir)
no-gmp [default] OPENSSL_NO_GMP (skip dir)
no-jpake [experimental] OPENSSL_NO_JPAKE (skip dir)
no-krb5 [krb5-flavor not specified] OPENSSL_NO_KRB5
no-libunbound [experimental] OPENSSL_NO_LIBUNBOUND (skip dir)
no-md2 [default] OPENSSL_NO_MD2 (skip dir)
no-rc5 [default] OPENSSL_NO_RC5 (skip dir)
no-rfc3779 [default] OPENSSL_NO_RFC3779 (skip dir)
no-sctp [default] OPENSSL_NO_SCTP (skip dir)
no-shared [default]
no-ssl-trace [default] OPENSSL_NO_SSL_TRACE (skip dir)
no-ssl2 [default] OPENSSL_NO_SSL2 (skip dir)
.
.
make[1]: Entering directory ' /usr/src/openssl-1.0.2k/test'
md2test.c => dummytest.c
rc5test.c => dummytest.c
jpaketest.c => dummytest.c
make[1]: Leaving directory ' /usr/src/openssl-1.0.2k/test'
Configured for linux-x86_64.
After it is done, prepare the installation of OpenSSL by runninng the make command.
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# make
making all in crypto...
make[1]: Entering directory ' /usr/src/openssl-1.0.2k/crypto'
/usr/bin/perl ../util/mkbuildinf.pl " gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM" " linux-x86_64" > buildinf.h
gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o cryptlib.o cryptlib.c
gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o mem.o mem.c
gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -c -o mem_dbg.o mem_dbg.c
.
.
make[1]: Entering directory ' /usr/src/openssl-1.0.2k/tools'
make[1]: Nothing to be done for ' all' .
make[1]: Leaving directory ' /usr/src/openssl-1.0.2k/tools'
root@linuxhelpubnt:/usr/src/openssl-1.0.2k#
After it, run the make test command as follows.
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# make test
testing...
make[1]: Entering directory `/usr/src/openssl-1.0.2k/test'
make[2]: Entering directory `/usr/src/openssl-1.0.2k'
making all in apps...
make[3]: Entering directory `/usr/src/openssl-1.0.2k/apps'
make[3]: Nothing to be done for `all' .
make[3]: Leaving directory `/usr/src/openssl-1.0.2k/apps'
make[2]: Leaving directory `/usr/src/openssl-1.0.2k'
../util/shlib_wrap.sh ./destest
.
.
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
OPENSSLDIR: " /usr/local/ssl"
Once the command is executed, run the make install command which triggers the installation process.
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# make install
making all in crypto...
make[1]: Entering directory `/usr/src/openssl-1.0.2k/crypto'
making all in crypto/objects...
make[2]: Entering directory `/usr/src/openssl-1.0.2k/crypto/objects'
make[2]: Nothing to be done for `all' .
make[2]: Leaving directory `/usr/src/openssl-1.0.2k/crypto/objects'
making all in crypto/md4...
make[2]: Entering directory `/usr/src/openssl-1.0.2k/crypto/md4'
make[2]: Nothing to be done for `all' .
make[2]: Leaving directory `/usr/src/openssl-1.0.2k/crypto/md4'
making all in crypto/md5...
.
.
cp openssl.pc /usr/local/ssl/lib/pkgconfig
chmod 644 /usr/local/ssl/lib/pkgconfig/openssl.pc
If the old version is still displayed or installed before, please make a copy of openssl bin file
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# mv /usr/bin/openssl /root/
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
Now verify the OpenSSL version.
root@linuxhelpubnt:/usr/src/openssl-1.0.2k# openssl version
OpenSSL 1.0.2k 26 Jan 2017
Simple to install and update, isn' t it? OpenSSL has several uses as it provides the basic cryptographic functions and various utility functions. It can also be used to connect to a https service. Also, it can be used to verify an online certificate and to extract information from it through a command line.
Comments ( 5 )