歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux基礎 >> Linux教程

Linux下OpenSSL 安裝圖文詳解

安裝環境:

操作系統:RedHat 12.0
OpenSSL Version:openssl-0.9.8l

Download

安裝包(Linux source) : openssl-0.9.8l.tar.gz(or the latest version of openssl)
      下載地址:http://www.openssl.org/source/
在linux下解壓縮下載到的安裝包,命令如下.....
tar -xzf openssl-xxx.tar.gz
Our Configuration

Install to : /usr/local/ssl
Module type : dynamically and staticly loaded modules, *.so *.a
Build Instructions

Configure

.../openssl-0.9.8l]# ./config --prefix=/usr/local/ssl-0.9.8l shared zlib-dynamic enable-camellia

--prefix=/usr/local/ssl-0.9.8l
[this is the installation location; default is '/usr/local/ssl' -- which we will symlink]
shared
[in addition to the usual static libraries, create shared libraries]
zlib-dynamic
[like "zlib", but has OpenSSL load the zlib library dynamically when needed]
enable-camellia
[enables the symmetric cipher 'Camellia' (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use]
display guess on system made by './config'...

.../openssl-0.9.8l]# ./config -t

Build and Install

.../openssl-0.9.8l]# make depend
[step required since extra cipher was enabled]
.../openssl-0.9.8l]# make
.../openssl-0.9.8l]# make test
.../openssl-0.9.8l]# make install
Symlink

Form symlink from '/usr/local/ssl-0.9.8l' to '/usr/local/ssl'(...]代表“/usr/local/”)

...]# cd /usr/local
/usr/local]# ln -s ssl-0.9.8l ssl
Update the Run-time Linker

ld.so.cache will need to be updated with the location of the new OpenSSL shared libs: libcrypto.so.0.9.8 and libssl.so.0.9.8

Sometimes it is sufficient to just symlink or copy these two files to /lib, but we recommend you follow these instructions instead.

Edit /etc/ld.so.conf, add to paths...(修改效果如下圖1,當然也可以直接在/etc/ld.so.conf.d文件夾下再創建一個.conf文件,把/usr/local/ssl/lib拷貝到裡面,另外也可以在現有的.conf文件中添加這個路徑,反正ld.so.conf中包含了這個文件夾下的所有.conf文件)


圖1

/usr/local/ssl/lib

Update the run-time linker...

...]# ldconfig

Update the PATH

Edit /root/.bash_profile, add to PATH variable...

(若原來沒有安裝openssl的舊版本,則放在PATH中的任何位置都可以,但是記住要用冒號分隔開,而不是分號分隔,詳見後面的截圖,若想查看當前的PATH環境變量都設置了什麼,可以使用如下的命令實現:

[root@localhost local]# echo $PATH

/usr/local/ssl/bin:/usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin

NOTE:一般在root下直接是看不見.bash_profile(一般為隱藏文件)的,可以在該目錄下使用ls –a 命令來顯示隱藏了的文件。然後用VI或emacs編輯器來修改其中的內容。編譯完成後若要立刻看到效果,可以用命令:source .bash_profile ,若要長期起作用,需要重新登錄(當我首次安裝的時候是出現的情況是這樣的~~~

/usr/local/ssl/bin

Re-login.

[sanity check] OpenSSL

Verify that binary 'openssl' is linking against the correct ssl libraries...

[root@localhost /]# cd /usr/local
[root@localhost local]# ldd /usr/local/ssl/bin/openssl
        linux-gate.so.1 =>  (0x00c4b000)
        libssl.so.0.9.8 => /usr/local/ssl-0.9.8l/lib/libssl.so.0.9.8 (0x00d5b000)
        libcrypto.so.0.9.8 => /usr/local/ssl-0.9.8l/lib/libcrypto.so.0.9.8 (0x00110000)
        libdl.so.2 => /lib/libdl.so.2 (0x005b2000)
        libc.so.6 => /lib/libc.so.6 (0x00447000)
        /lib/ld-linux.so.2 (0x0042a000)
...]# which openssl

/usr/local/ssl/bin/openssl

...]# openssl version

OpenSSL 0.9.8l 5 Nov 2009

If another path, or an older version is shown, your system contains a previously installed OpenSSL that is first [relative to the newer openssl] in the path.

Repeate the steps in section 'Update the PATH', except place the specified location at the start of the PATH variable.(在/root/.bash_profile中將PATH設置為如下的順序,即把當前安裝上的openssl的版本放在環境變量的前面,這樣優先使用的就是新安裝的最新的版本的OpenSSL了)


圖2

Note that the older openssl, on most systems, is located under /usr/bin

The location of 'openssl' can be found with...(用下面的命令你就可以查到你的openssl的安裝目錄了~~~)

...]# which openssl

以上只是我在剛開始學習的時候的安裝過程,若有不對的地方或還有更好的方法,歡迎大家批評指正~~~

Copyright © Linux教程網 All Rights Reserved