How to upgrade OpenSSL on Centos 7 or RHEL 7

Tutorials - Jan 09, 2016 | by - 13 comments - 126,736 views

1. Introduction

OpenSSL is a library that provides cryptographic functionality, specifically SSL/TLS for popular applications such as secure web servers, MySQl databases and email applications. The list parameters standard-commands, digest-commands, and cipher-commands output a list (one entry per line) of the names of all standard commands, message digest commands, or cipher commands, respectively, that are available in the present openssl utility.

2. Requirements

You may need an operating system RHEL 7 or Centos 7 in your dedicated or vps server. Please make sure to set a hostname for your server and its dns is pointing to the IP address of the server.

3. Installation

Get the current version with “openssl version” and “yum info openssl” command :

# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013

You can also check the available version in the vendors directory too.

# yum info openssl

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.ratiokontakt.de
 * epel: mirrors.n-ix.net
 * extras: mirror.de.leaseweb.net
 * updates: mirror.softaculous.com
Installed Packages
Name        : openssl
Arch        : x86_64
Epoch       : 1
Version     : 1.0.1e
Release     : 51.el7_2.1
Size        : 1.5 M
Repo        : installed
From repo   : updates
Summary     : Utilities from the general purpose cryptography library with TLS
            : implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
            : between machines. OpenSSL includes a certificate management tool
            : and shared libraries which provide various cryptographic
            : algorithms and protocols.

Available Packages
Name        : openssl
Arch        : x86_64
Epoch       : 1
Version     : 1.0.1e
Release     : 51.el7_2.2
Size        : 711 k
Repo        : updates/7/x86_64
Summary     : Utilities from the general purpose cryptography library with TLS
            : implementation
URL         : http://www.openssl.org/
License     : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
            : between machines. OpenSSL includes a certificate management tool
            : and shared libraries which provide various cryptographic
            : algorithms and protocols.

To download the latest version of OpenSSL, do as follows:

# cd /usr/local/src
# wget https://www.openssl.org/source/openssl-1.0.2-latest.tar.gz
# tar -zxf openssl-1.0.2-latest.tar.gz

To manually compile OpenSSL and install/upgrade OpenSSL, do as follows:

# cd openssl-1.0.2a
# ./config
# make
# make test
# make install

If the old version is still displayed or installed before, please make a copy of openssl bin file :

# mv /usr/bin/openssl /root/
# ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl

Now verify the OpenSSL version.

# openssl version
OpenSSL 1.0.2e 3 Dec 2015


Note: Compiling Openssl major version may case issues with other system binaries. So please do the needfull to avoid the corruptions.

See Also: