安装环境:
操作系统:redhat 12.0
openssl- 0.9.8 l
Download
- 安装包(Linux source) : openssl- 0.9.8 l.tar.gz(or the latest version of openssl)
下载地址:http://www.openssl.org/source/
- 在linux下解压缩下载到的安装包,命令如下.....
tar -xzf openssl-xxx.tar.gz
Our Configuration
- Install to : /usr/local/ssl
- Module type : dynamically and staticly loaded modules, *.so *.a
Build Instructions
Configure
.../openssl-0. 9.8l ]# ./config --prefix=/usr/local/ssl-0. 9.8l shared zlib-dynamic enable-camellia
- --prefix=/usr/local/ssl-
0.9.8
l
[this is the installation location; default is '/usr/local/ssl' -- which we will symlink] - shared
[in addition to the usual static libraries, create shared libraries] - zlib-dynamic
[like "zlib", but has OpenSSL load the zlib library dynamically when needed] - enable-camellia
[enables the symmetric cipher 'Camellia' (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use]
display guess on system made by './config'...
.../openssl-0. 9.8l ]# ./config -t
Build and Install
- .../openssl-0.
9.8l
]# make depend
[step required since extra cipher was enabled] - .../openssl-0. 9.8l ]# make
- .../openssl-0. 9.8l ]# make test
- .../openssl-0. 9.8l ]# make install
Symlink
Form symlink from '/usr/local/ssl- 0.9.8 l' to '/usr/local/ssl'(...]代表“/usr/local/”)
- ...]# cd /usr/local
- /usr/local]# ln -s ssl- 0.9.8 l ssl
Update the Run-time Linker
ld.so.cache will need to be updated with the location of the new OpenSSL shared libs: libcrypto.so. 0.9.8 a nd libssl.so.0.9.8
Sometimes it is sufficient to just symlink or copy these two files to /lib, but we recommend you follow these instructions instead.
Edit /etc/ld.so.conf, add to paths...(修改效果如下图1,当然也可以直接在/etc/ld.so.conf.d文件夹下再创建一个.conf文件,把/usr/local/ssl/lib拷贝到里面,另外也可以在现有的.conf文件中添加这个路径,反正ld.so.conf中包含了这个文件夹下的所有.conf文件)
图1
/usr/local/ssl/lib
Update the run-time linker...
...]# ldconfig
Update the PATH
Edit /root/.bash_profile, add to PATH variable...
(若原来没有安装openssl的旧版本,则放在PATH中的任何位置都可以,但是记住要用冒号分隔开,而不是分号分隔,详见后面的截图,若想查看当前的PATH环境变量都设置了什么,可以使用如下的命令实现:
[root@localhost local]# echo $PATH
/usr/local/ssl/bin:/usr/lib/qt-3.3/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin
)
NOTE:一般在root下直接是看不见.bash_profile(一般为隐藏文件)的,可以在该目录下使用ls –a 命令来显示隐藏了的文件。然后用VI或emacs编辑器来修改其中的内容。编译完成后若要立刻看到效果,可以用命令:source .bash_profile ,若要长期起作用,需要重新登录(当我首次安装的时候是出现的情况是这样的~~~
/usr/local/ssl/bin
Re-login.
[sanity check] OpenSSL
Verify that binary 'openssl' is linking against the correct ssl libraries...
- [root@localhost /]# cd /usr/local
- [root@localhost local]# ldd /usr/local/ssl/bin/openssl
- linux-gate.so.1 => (0x 00c 4b000)
- libssl.so. 0.9.8 => /usr/local/ssl-0. 9.8l /lib/libssl.so.0.9.8 (0x00d5b000)
- libcrypto.so. 0.9.8 => /usr/local/ssl-0. 9.8l /lib/libcrypto.so.0.9.8 (0x00110000)
- libdl.so.2 => /lib/libdl.so.2 (0x005b2000)
- libc.so.6 => /lib/libc.so.6 (0x00447000)
- /lib/ld-linux.so.2 (0x 0042a 000)
...]# which openssl
/usr/local/ssl/bin/openssl
...]# openssl version
OpenSSL 0.9.8 l 5 Nov 2009
If another path, or an older version is shown, your system contains a previously installed OpenSSL that is first [relative to the newer openssl] in the path.
Repeate the steps in section 'Update the PATH', except place the specified location at the start of the PATH variable.(在/root/.bash_profile中将PATH设置为如下的顺序,即把当前安装上的openssl的版本放在环境变量的前面,这样优先使用的就是新安装的最新的版本的OpenSSL了)
图2
Note that the older openssl, on most systems, is located under /usr/bin
The location of 'openssl' can be found with...(用下面的命令你就可以查到你的openssl的安装目录了~~~)
...]# which openssl
以上只是我在刚开始学习的时候的安装过程,若有不对的地方或还有更好的方法,欢迎大家批评指正~~~
