|
|
我從網(wǎng)上搜索到了一篇安裝openssl的英文文章��,地址在 http://www.devside.net/web/server/linux/openssl 我按照上面說的安裝了zlib,openssl��。步驟簡介如下(怕以后忘了)
先安裝zlib����,見linux下安裝zlib
安裝openssl Building a Web Server, for Linux
下載地址
- Package(Linux source) : openssl-0.9.8c.tar.gz
- 解壓文件
tar -zxvf openssl-0.9.8c.tar.gz
Our Configuration- Install to : 默認(rèn)安裝路徑 /usr/local/ssl
- Module type : dynamically and staticly loaded modules, *.so *.a
Build InstructionsConfigure.../openssl-0.9.8c]# ./config --prefix=/usr/local/ --openssldir=/usr/local/openssl -g3 shared zlib-dynamic enable-camellia
- --prefix=/usr/local/ --openssldir=/usr/local/openssl
[指定安裝路徑; 默認(rèn)是'/usr/local/ssl' -- which we will symlink] - shared
[in addition to the usual static libraries, create shared libraries] - zlib-dynamic
[like "zlib", but has OpenSSL load the zlib library dynamically when needed] - enable-camellia
[enables the symmetric cipher 'Camellia' (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use] - 運(yùn)行./config --prefix=/usr/local/openssl (更 多選項(xiàng)用./config --help來查看),可用的選項(xiàng)有:no-mdc2����、no-cast no-rc2����、no-rc5����、no-ripemd、 no-rc4 no-des ��、no-md2���、no-md4、no-idea �、no-aes、no-bf�、no-err、no-dsa���、no-dh�、 no-ec�、no-hw、no-asm�����、no-krb5、no-dso �����、no-threads �����、no-zlib���、-DOPENSSL_NO_HASH_COMP�、-DOPENSSL_NO_ERR�����、-DOPENSSL_NO_HW ��、- DOPENSSL_NO_OCSP��、-DOPENSSL_NO_SHA256和-DOPENSSL_NO_SHA512等��。去掉不必要的內(nèi)容可以減少生成庫的大小���。 若要生成debug版本的庫和可執(zhí)行程序加-g或者-g3(openssl中有很多宏��,需要調(diào)試學(xué)習(xí)最好加上-g3)�����。
display guess on system made by './config'...
.../openssl-0.9.8c]# ./config -t 正式安裝���,Build and Install- .../openssl-0.9.8c]# make depend
[step required since extra cipher was enabled] (時(shí)間很長) - .../openssl-0.9.8c]# make (時(shí)間很長�����,慢慢等待)
- .../openssl-0.9.8c]# make test
- .../openssl-0.9.8c]# make install
*測試是否安裝成功�,#openssl version 是否是新安裝的版本
SymlinkForm symlink from '/usr/local/ssl-0.9.8c' to '/usr/local/ssl'
- ...]# cd /usr/local
- /usr/local]# ln -s ssl-0.9.8c ssl
Update the Run-time Linkerld.so.cache will need to be updated with the location of the new OpenSSL shared libs: libcrypto.so.0.9.8 and libssl.so.0.9.8
Sometimes it is sufficient to just symlink or copy these two files to /lib, but we recommend you follow these instructions instead.
Edit /etc/ld.so.conf, add to paths...
/usr/local/ssl/lib Update the run-time linker...
...]# ldconfig Update the PATHEdit /root/.bash_profile, add to PATH variable...
/usr/local/ssl/bin Re-login.
[sanity check] OpenSSLVerify that binary 'openssl' is linking against the correct ssl libraries...
...]# ldd /usr/local/openssl/bin/openssl - libssl.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libssl.so.0.9.8 ...
- libcrypto.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libcrypto.so.0.9.8 ...
...]# which openssl /usr/local/ssl/bin/openssl...]# openssl version OpenSSL 0.9.8c 05 Sep 2006If another path, or an older version is shown, your system contains a previously installed OpenSSL that is first [relative to the newer openssl] in the path.
Repeate the steps in section 'Update the PATH', except place the specified location at the start of the PATH variable.
Note that the older openssl, on most systems, is located under /usr/bin
The location of 'openssl' can be found with...
...]# which openssl
- ...]# openssl version
- should display openssl 0.9.7d 17 mar 2004
- if an older version is shown, your system contains a previously installed openssl.
- repeate the steps in update the path, except place the specified location at the start of the path variable.
- [the older openssl, on most systems, is located under /usr/bin]
- [the command 'which openssl' should display the path of the openssl that your system is using]
- /usr/local/ssl/bin]# ./openssl version should display the correct version.
但是我最后沒有得到想要的結(jié)果��,系統(tǒng)原來的openssl還是沒能卸載掉��,我該怎么做那�����?我繼續(xù)搜索資料�,哈�,幸運(yùn)的我找了�,在一個(gè)國內(nèi)論壇上是這么說的
cd /usr/local/ssl/lib
ln -s libcrypto.so.0.9.7 libcrypto.so.2
ln -s libssl.so.0.9.7 libssl.so.2
//最后要刷新系統(tǒng)的動(dòng)態(tài)連接庫配置
echo /usr/local/ssl/lib >> /etc/ld.so.conf
ldconfig -v
這下子我豁然開朗�����,原來依賴的那2個(gè)文件是個(gè)軟鏈接啊���,我把它修改為我現(xiàn)在真正的openssl庫文件不是就行了嗎�?于是一頓忙碌后����,我終于執(zhí)行了 rpm -e -nodeps ,然后重新啟動(dòng)系統(tǒng)��,一路運(yùn)行下去�����,全是綠燈�����。一時(shí)間感覺自己好幸福啊
|
|
QQ好友和群
QQ空間
騰訊微博
騰訊朋友
收藏
淘帖
頂
踩
