OpenSSL is a library that provides cryptographic functionality, specifically SSL/TLS for popular applications such as secure web servers. When going for that A+ on Qualys SSL labs, you most proberly want to complie your own OpenSSL. We'll go through doing that.
This is going to be Fedora base so grab yourself a RHEL 7 or Centos 7 box.
Get your current version with “openssl version”:
openssl version OpenSSL 1.0.1e-fips 11 Feb 2013
and “yum info openssl” command :
yum info openssl
To download the latest version of OpenSSL, do as follows:
cd /usr/local/src wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz tar -zxf openssl-1.0.2-latest.tar.gz
To manually compile OpenSSL and install/upgrade OpenSSL, do as follows:
cd openssl-1.0.2a ./config make make test make install
Next you need to swap our your binaries, move or delete your old version and place it with you latest build one:
mv /usr/bin/openssl /root/ ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
Now verify the OpenSSL version.
openssl version OpenSSL 1.0.2e 3 Dec 2015
That's it, job done. Hope this has been helpful.
Note: Compiling Openssl major version may case issues with other system binaries. So make sure you know what is depending on it.