CentOS 7.0 升级OpenSSL

CentOS 7.0默认安装的openssl为OpenSSL 1.0.1e-fips 11 Feb 2013,而此版本有漏洞需要升级!

查看OpenSSL版本号

openssl version

20151121134434

 

从官网下载openssl源码包

20151121134537

上传openssl到服务器/usr/local/src

20151121135441

解压openssl

20151121135540

切换到openssl目录下,编译OpenSSL

cd  openssl-1.0.1p
./config shared zlib 
make && make install

20151121140958

 

20151121141038

修改历史的OpenSSL文件设置备份

mv /usr/bin/openssl /usr/bin/openssl.old 
mv /usr/include/openssl /usr/include/openssl.old

20151121141927

 

设置软连接使其使用新的OpenSSL版本 刚刚安装的OpenSSL默认安装在/usr/local/ssl

ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl 
ln -s /usr/local/ssl/include/openssl /usr/include/openssl

20151121142104

 

更新动态链接库数据

echo "/usr/local/ssl/lib" >> /etc/ld.so.conf 
ldconfig -v

20151121142242

 

查看OpenSSL升级后的版本

openssl version

20151121142415