SSL is the foundation of a secure internet and it protects our sensitive information as it travels across the world's computer network, in this article I will show you how to install OpenSSL from source code.
First, we need to download OpenSSL from the source, by doing this we can always have the last version running on our machine. To download it type the following command.
cd /usr/local/src/
sudo wget https://www.openssl.org/source/openssl-1.1.1c.tar.gz
Before we proceed, make sure that you have the necessary dependencies for building packages from the source code, go back to the terminal, and type the following.
sudo apt install build-essential checkinstall zlib1g-dev -y
The above command installs three packages build essential which is a reference for all packages needed to compile a Debian package, checkinstall is self-explanatory it is used to check if a given package is installed and zlib1g-dev library allows applications to conveniently read and write gzip compatible files.
Now that we have downloaded the source code and installed all the necessary dependencies packages, we need to extract the downloaded file using the command below, make sure that you are in the same directory where you have downloaded the file.
sudo tar -xf openssl-1.1.1c.tar.gz
After extracting the file, navigate to the extracted directory
cd openssl-1.1.1c
We are now going to install OpenSSL which we downloaded using the command below:
sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
sudo make
sudo make test
sudo make install
If no error, so far so good, now let us configure OpenSSL Shared Libraries, using nano text editor you can anyone of your choice.
cd /etc/ld.so.conf.d/
sudo nano openssl-1.1.1c.conf
This command will open nano text editor with an empty file, type the below text and save.
/usr/local/ssl/lib
Next, reload the dynamic link by issuing the command below:
sudo ldconfig -v
Last but not least, we need to configure OpenSSL binary, inserting the binary of our new version of OpenSSL installed (located at /usr/local/ssl/bin/openssl) to replace the default openssl binary (located at /usr/bin/openssl or /bin/openssl). But first, we need to backup the binary files.
sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
sudo mv /usr/bin/openssl /usr/bin/openssl.backup
Next we need to edit /etc/environment file using nano
sudo nano /etc/environment
With nano opened, let us update the /etc/environment file as the following after that we'll save the file.
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/ssl/bin"
Next, reload the OpenSSL environment and check the PATH bin directory using the commands below:
source /etc/environment
echo $PATH
We can now check and verify our installation of OpenSSL using the command below
which openssl
openssl version -a
Happy coding day!
Top comments (2)
Works fine on Linux Mint 20.3 Una (Ubuntu 20.04 focal) along with OpenSSH, Tor proxy and OpenVPN. However, after installation, wget doesn't work with encryption anymore.
It says:
I've tried several workarounds, but I can't fix it myself. What's the clue here?
Thanks man, I successfully installed openssl 1.1.1j on ubuntu 16.04!