先安装zlib,见linux下安装zlib
安装openssl Building a Web Server, for Linux
下载地址
- Package(Linux source) : openssl-0.9.8c.tar.gz
- 解压文件
tar -zxvf openssl-0.9.8c.tar.gz
Our Configuration
- Install to : 默认安装路径 /usr/local/ssl
- Module type : dynamically and staticly loaded modules, *.so *.a
Build Instructions
Configure
.../openssl-0.9.8c]# ./config --prefix=/usr/local/
--openssldir=/usr/local/openssl
-g3 shared zlib-dynamic enable-camellia
--prefix=/usr/local/--openssldir=/usr/local/openssl
[指定安装路径; 默认是'/usr/local/ssl' -- which we will symlink]shared
[in addition to the usual static libraries, create shared libraries]zlib-dynamic
[like "zlib", but has OpenSSL load the zlib library dynamically when needed]enable-camellia
[enables the symmetric cipher 'Camellia' (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use]- 运行./config --prefix=/usr/local/openssl (更 多选项用./config --help来查看),可用的选项有:no-mdc2、no-cast no-rc2、no-rc5、no-ripemd、 no-rc4 no-des 、no-md2、no-md4、no-idea 、no-aes、no-bf、no-err、no-dsa、no-dh、 no-ec、no-hw、no-asm、no-krb5、no-dso 、no-threads 、no-zlib、-DOPENSSL_NO_HASH_COMP、-DOPENSSL_NO_ERR、-DOPENSSL_NO_HW 、- DOPENSSL_NO_OCSP、-DOPENSSL_NO_SHA256和-DOPENSSL_NO_SHA512等。去掉不必要的内容可以减少生成库的大小。 若要生成debug版本的库和可执行程序加-g或者-g3(openssl中有很多宏,需要调试学习最好加上-g3)。
display guess on system made by './config'...
.../openssl-0.9.8c]# ./config -t
正式安装,Build and Install
.../openssl-0.9.8c]# make depend
[step required since extra cipher was enabled](时间很长).../openssl-0.9.8c]# make (时间很长,慢慢等待)
.../openssl-0.9.8c]# make test.../openssl-0.9.8c]# make install
*测试是否安装成功,#openssl version 是否是新安装的版本
Symlink
Form symlink from '/usr/local/ssl-0.9.8c' to '/usr/local/ssl'
...]# cd /usr/local/usr/local]# ln -s ssl-0.9.8c ssl
Update the Run-time Linker
ld.so.cache will need to be updated with the location of the new OpenSSL shared libs: libcrypto.so.0.9.8 and libssl.so.0.9.8
Sometimes it is sufficient to just symlink or copy these two files to /lib, but we recommend you follow these instructions instead.
Edit /etc/ld.so.conf, add to paths...
/usr/local/ssl/lib
Update the run-time linker...
...]# ldconfig
Update the PATH
Edit /root/.bash_profile, add to PATH variable...
/usr/local/ssl/bin
Re-login.
[sanity check] OpenSSL
Verify that binary 'openssl' is linking against the correct ssl libraries...
...]# ldd /usr/local/openssl/bin/openssl
- libssl.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libssl.so.0.9.8 ...
- libcrypto.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libcrypto.so.0.9.8 ...
...]# which openssl
/usr/local/ssl/bin/openssl
...]# openssl version
OpenSSL 0.9.8c 05 Sep 2006
If another path, or an older version is shown, your system contains a previously installed OpenSSL that is first [relative to the newer openssl] in the path.
Repeate the steps in section 'Update the PATH', except place the specified location at the start of the PATH variable.
Note that the older openssl, on most systems, is located under /usr/bin
The location of 'openssl' can be found with...
...]# which openssl
...]# openssl version- should display openssl 0.9.7d 17 mar 2004
- if an older version is shown, your system contains a previously installed openssl.
- repeate the steps in update the path, except place the specified location at the start of the path variable.
- [the older openssl, on most systems, is located under /usr/bin]
- [the command 'which openssl' should display the path of the openssl that your system is using]
/usr/local/ssl/bin]# ./openssl versionshould display the correct version.
cd /usr/local/ssl/lib
ln -s libcrypto.so.0.9.7 libcrypto.so.2
ln -s libssl.so.0.9.7 libssl.so.2
//最后要刷新系统的动态连接库配置
echo /usr/local/ssl/lib >> /etc/ld.so.conf
ldconfig -v
这下子我豁然开朗,原来依赖的那2个文件是个软链接啊,我把它修改为我现在真正的openssl库文件不是就行了吗?于是一顿忙碌后,我终于执行了 rpm -e -nodeps ,然后重新启动系统,一路运行下去,全是绿灯。一时间感觉自己好幸福啊
6486
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
