CentOS 7.9 更新openssl
- 执行 openssl version 和 ssh -V 查看openssl 版本 openssl
- 更新后,mongodb、nginx(安装时关联了openssl时)都会有影响
- 脚本对应的版本为 openssl-3.3.1,可以根据实际需求修改UPDATE_TO_VER变量的值
实际版本参考官网:官网地址 https://openssl-library.org/source/index.html
#! /bin/bash
# 升级openssl
UPDATE_TO_VER=openssl-3.3.1
PACKAGE_DIR=/opt/source
PACKAGE=${UPDATE_TO_VER}.tar.gz
echo "当前系统openssl 版本为:$(openssl version)"
if [ ! -d $PACKAGE_DIR ];then
mkdir /opt/source
fi
function update_openssl {
echo '安装基础组件'
yum -y install gcc* perl-IPC-Cmd perl-Data-Dumper
echo '备份当前的openssl'
mv /usr/bin/openssl /usr/bin/openssl.old && mv /usr/include/openssl /usr/include/openssl.old
echo '备份已完成,开始更新'
cd $PACKAGE_DIR
tar -xzvf $PACKAGE
cd $UPDATE_TO_VER && ./config --prefix=/usr && make && make install
if [ $? -ne 0 ];then
echo 'openssl 更新失败,即将回退'
rm /usr/bin/openssl && mv /usr/bin/openssl.old /usr/bin/openssl
rm /usr/include/openssl && mv /usr/include/openssl.old /usr/include/openssl
return 1
else
openssl version
if [ $? -ne 0 ];then
echo "openssl 出现异常,请检查配置"
return 1
else
echo "更新完成,更新后的openssl 版本为: $(openssl version),即将退出"
return 0
fi
fi
}
if [ ! -f $PACKAGE ];then
wget -V
if [ $? -ne 0 ];then
yum install wget -y
fi
wget https://github.com/openssl/openssl/releases/download/openssl-3.3.1/openssl-3.3.1.tar.gz -P /opt/source
if [ $? -ne 0 ];then
echo "安装包: ${PACKAGE} 下载失败,请手动下载"
exit 1
else
echo " 安装包已下载完成"
update_openssl
fi
else
update_openssl
fi