Upgrading OpenSSL is a critical task for maintaining the security and compatibility of your CentOS system. Here’s a step-by-step guide to upgrading to OpenSSL 1.1.1w.
π Preparing the Environment
Before we begin, ensure that you have a backup of your system. Upgrading system libraries, especially ones as critical as OpenSSL, can have far-reaching effects.
π₯ Download and Extract OpenSSL
Execute the following commands to download and extract OpenSSL 1.1.1w:
wget https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-1.1.1w.tar.gz
tar -zxvf openssl-1.1.1w.tar.gz
cd openssl-1.1.1w
π¨ Configure, Compile and Install
Now, we will configure, compile, and install OpenSSL to the specified directory /usr/local/openssl:
./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib
make && make install
π Replacing the Old Version
It’s time to replace the old version of OpenSSL with the new one we’ve just installed.
mv /usr/bin/openssl /usr/bin/openssl.old
mv /usr/lib64/openssl /usr/lib64/openssl.old
mv /usr/lib64/libssl.so /usr/lib64/libssl.so.old
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
ln -s /usr/local/openssl/lib/libssl.so /usr/lib64/libssl.so
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig -v
πFinal Verification
To verify the success of our installation:
- Check the OpenSSL version:
openssl version - Check the installed paths:
which openssl
By following these steps, you should now have OpenSSL 1.1.1w installed on your CentOS 7.9 system.
