Overview
The Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols are supported by the OpenSSL toolkit. It’s also a cryptography library that can be used for anything. It’s used to protect connections between the server and your software.
All GreggHost servers already have this installed. On Ubuntu 18 servers, GreggHost uses OpenSSL 1.1.1, and on Debian Stretch servers, it uses OpenSSL 1.1.0l.
Do I need to install my own version?
The server version is compatible with the vast majority of web applications. Newer software, on the other hand, may demand a higher version. Python 3.7.1, for example, requires version 1.0.2 or higher. You must install the newer version of OpenSSL locally under your Shell user if you want to utilize software that requires a higher version.
Installing OpenSSL
Use SSH to connect to your server.
Visit https://www.openssl.org/source/ for more information. and look for the version you want to get. Copy the link address by right-clicking it.
To download the file, use wget.
[server]
wget $ https://www.openssl.org/source/openssl-1.1.1g.tar.gz
You should also download the SHA256 file on the same page as the file to ensure its integrity.
[server]
wget $ https://www.openssl.org/source/openssl-1.1.1g.tar.gz.sha256
After you’ve downloaded both files, check the checksum to make sure the version you downloaded is safe to use.
[server]
$ sha256sum openssl-1.1.1g.tar.gz ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46 ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46 openssl-1.1.1g.tar.gz
[server]
$ cat openssl-1.1.1g.tar.gz.sha256 ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46 ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46
If they’re the same, move on to the next stage.
This file must be decompressed.
[server]
$ tar zxvf openssl-1.1.1g.tar.gz openssl-1.1.1g.tar.gz
Delete the old openssl directory and replace it with the new openssl directory.
[server]
$ cd openssl-1.1.1g openssl-1.1.1g openssl-1.1.1g openssl-1
Configure the file as follows:
This will install it in a directory called openssl inside your user’s home directory. Make sure you use your Shell user’s username.
You can put it wherever you want, as long as you don’t put it in a directory called openssl-1.1.1g. When you decompressed the.tar.gz file, this directory was already established. It will fail if you configure it to install there (since it already exists).
For further information on configuration options, go to the OpenSSL page:
Installation and compilation
[server]
—prefix=/home/username/openssl —openssldir=/home/username/openssl no-ssl2 $./config —prefix=/home/username/openssl —openssldir=/home/username/openssl
Make sure to replace ‘username’ with the name of your Shell user.
Make a run for it. When that’s done, run make test:
[server]
$ [server] make
$ create a test
You should notice All tests passed at the end.
Run the command make install [server].
install $ make
Return to your home directory now.
[server]
Add the following lines to your.bash profile with $ cd. View For instructions, see Creating and Editing a File through SSH.
export export LD LIBRARY PATH=$HOME/openssl/lib export LC ALL=”en US.UTF-8″ export PATH=$HOME/openssl/bin:$PATH LDFLAGS=”-L /home/username/openssl/lib -Wl,-rpath,/home/username/openssl/lib” LDFLAGS=”-L /home/username/openssl/lib -Wl,-rpath,/home/username/openssl/lib”
Make careful to modify username to your Shell user in the last line.
source the [server].bash profile
/.bash profile /.bash profile /.bash profile /.bash profile
Check to make sure it’s installed in the right place and that the version is 1.1.1.
$ which openssl [server] /home/username/openssl/bin/openssl
version OpenSSL 1.1.1g $ openssl OpenSSL has been installed locally under your account as of April 21, 2020.