centoskankan(good)

【openSSL】CentOS7.x 上编译安装openssl

2024-01-23  本文已影响0人  Bogon

如果通过下载openssl源码,直接编译升级openssl,如何做?

$ cat install_openssl-1.1.1v.sh

#!/bin/bash

echo -e "\033[33m--->开始安装openssl-1.1.1v<---\033[0m"
[ -d openssl-1.1.1v/ ] && rm -rf openssl-1.1.1v
if [ ! -f openssl-1.1.1v.tar.gz ]; then
    wget https://www.openssl.org/source/openssl-1.1.1v.tar.gz
    if [ $? -eq 0 ]; then
        echo -e "\033[33m--->openssl-1.1.1v.tar.gz下载完毕<---\033[0m"
    else
        echo -e "\033[33m--->openssl-1.1.1v.tar.gz下载失败<---\033[0m"
            exit 1
    fi
fi
if [ -f openssl-1.1.1v.tar.gz ]; then
    tar zxf openssl-1.1.1v.tar.gz && cd openssl-1.1.1v && ./config --prefix=/usr/local/openssl
    echo -e "\033[33m--->openssl configure完毕<---\033[0m"
    (make -j$cpu && make install) || (echo -e "\033[33m--->编译安装失败<---\033[0m" && exit 1)
    if [[ $(cat /etc/ld.so.conf | grep "openssl" | grep -Ev "^#" | wc -l ) == "1" ]]; then
        echo "\033[33m--->ld.so.conf中已配置openssl<---\033[0m"
    else
        sed -i "s/\/usr\/local\/openssl\/lib//g" /etc/ld.so.conf
        echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
    fi
    [[ -f /bin/openssl && -f /bin/openssl.old ]] && rm -rf /bin/openssl.old
    [[ -f /usr/bin/openssl && -f /usr/bin/openssl.old ]] && rm -rf /usr/bin/openssl.old
    [[ ! -L /bin/openssl && -f /usr/local/openssl/bin/openssl ]] && mv /bin/openssl /bin/openssl.old && ln -s /usr/local/openssl/bin/openssl /bin/openssl
    [[ ! -L /usr/bin/openssl && -f /usr/local/openssl/bin/openssl ]] && mv /usr/bin/openssl /usr/bin/openssl.old && ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
    [[ -d /usr/include/openssl/ && -d /usr/include/openssl.old/ ]] && rm -rf /usr/include/openssl.old
    [[ ! -L /usr/include/openssl && -d /usr/local/openssl/include/openssl/ ]] && mv /usr/include/openssl /usr/include/openssl.old && ln -s /usr/local/openssl/include/openssl /usr/include/openssl
    echo -e "\033[33m--->openssl旧文件移除&软链结创建完毕<---\033[0m"
    echo -e "\033[33m--->openssl版本信息<---\033[0m"
    openssl version -a
    echo -e "\033[33m--->openssl-1.1.1v安装完毕<---\033[0m"
    cd ..
else
    echo -e "\033[33m--->openssl-1.1.1v.tar.gz文件不存在,安装失败<---\033[0m"
    exit 1
fi

Welcome to OpenSSL
https://www.openssl.org
https://github.com/openssl/openssl/tags

image.png

如果你想将openssl云源码编译成rpm包,再基于rpm包做升级 ,需要如何做?

OpenSSL rpm builder for CentOS 7
https://github.com/philyuchkoff/openssl-RPM-Builder

image.png image.png

注意:openssl属于操作系统基础组件,不管使用哪种升级方式,都要在测试机上做全面充分的测试!!!

上一篇 下一篇

猜你喜欢

热点阅读