Compiling OpenSSL
Introduction
OpenSSL is a library that provides cryptographic functionality, specifically SSL/TLS for popular applications such as secure web servers. When going for that A+ on Qualys SSL labs, you most proberly want to complie your own OpenSSL. We'll go through doing that.
Requirements
This is going to be Fedora base so grab yourself a RHEL 7 or Centos 7 box.
Installation
Get your current version with “openssl version”:
openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
and “yum info openssl” command :
yum info openssl
To download the latest version of OpenSSL, do as follows:
cd /usr/local/src
wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
tar -zxf openssl-1.0.2-latest.tar.gz
To manually compile OpenSSL and install/upgrade OpenSSL, do as follows:
cd openssl-1.0.2a
./config
make
make test
make install
Next you need to swap our your binaries, move or delete your old version and place it with you latest build one:
mv /usr/bin/openssl /root/
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
Now verify the OpenSSL version.
openssl version
OpenSSL 1.0.2e 3 Dec 2015
That's it, job done. Hope this has been helpful.
Note: Compiling Openssl major version may case issues with other system binaries. So make sure you know what is depending on it.