How to Install and Update OpenSSL on CentOS 6 / CentOS 7

El Blog de Dragonfly

OpenSSl

I have CentOS 6 server and still running with OpenSSL 1.0.1e (openssl-1.0.1e-30) that vulnerable to a remote attacker to access parts of memory on systems using vulnerable versions of OpenSSL. OpenSSL is a library that provides cryptographic functionality, specifically SSL/TLS for popular applications such as secure web servers (nginx web serverApache web server) and MySQL database server.

OpenSSL is a library that provides cryptographic functionality, specifically SSL/TLS for popular applications such as secure web servers, MySQL databases and email applications.

I have tried to perform command “yum update openssl” but I receive “No Packages marked for Update” even though the latest version of tar version has been published.

The following steps describe how to install and update OpenSSL on CentOS 6 and CentOS 7.

Install and Update OpenSSL on CentOS 6 / CentOS 7

1. Get the current version with “openssl version” and “yum info openssl” command :

# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

# yum info openssl

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * Webmin: download.webmin.com
 * base: centos.netonboard.com
 * epel: ftp.cuhk.edu.hk
 * extras: centos.netonboard.com
 * updates: ossm.utm.my
Installed Packages
Name        : openssl
Arch        : x86_64
Version     : 1.0.1e
Release     : 30.el6_6.7
Size        : 4.0 M
Repo        : installed
From repo   : updates
Summary     : A general purpose cryptography library with TLS implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications between
            : machines. OpenSSL includes a certificate management tool and shared
            : libraries which provide various cryptographic algorithms and
            : protocols.

Available Packages
Name        : openssl
Arch        : i686
Version     : 1.0.1e
Release     : 30.el6_6.7
Size        : 1.5 M
Repo        : updates
Summary     : A general purpose cryptography library with TLS implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications between
            : machines. OpenSSL includes a certificate management tool and shared
            : libraries which provide various cryptographic algorithms and
            : protocols.

2. To download the latest version of OpenSSL, do as follows:

# cd /usr/src
# wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
# tar -zxf openssl-1.0.2-latest.tar.gz

3. To manually compile OpenSSL and install/upgrade OpenSSL, do as follows:

# cd openssl-1.0.2a
# ./config
# make
# make test
# make install

4. If the old version is still displayed or installed before, please make acopy of openssl bin file :

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

5. Verify the OpenSSL version :

# openssl version

Output :

OpenSSL 1.0.2a 19 Mar 2015

www.ehowstuff.com/how-to-install-and-update-openssl-on-centos-6-centos-7/

  • 0
  • 0
    • Compartir en Facebook

0 comentarios

Para escribir comentarios debes registrarte.