How to upgrade OpenSSL in CentOS 6.5 / Linux / Unix from source?
./config --prefix=/usr --openssldir=/usr/local/openssl shared
Try this config line instead to overwrite the default. It installs to prefix /usr/local/ssl by default in your setup when you leave off the prefix. You probably have "/usr/local/ssl/bin/openssl" instead of overwriting /usr/bin/openssl. You can also use /usr/local for prefix instead, but you would need to adjust your path accordingly if that is not already on your path. Here is the INSTALL documentation:
$ ./config
$ make
$ make test
$ make install
[If any of these steps fails, see section Installation in Detail below.]
This will build and install OpenSSL in the default location, which is (for
historical reasons) /usr/local/ssl. If you want to install it anywhere else,
run config like this:
$ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
https://github.com/openssl/openssl/blob/master/INSTALL
http://heartbleed.com/
Is it possible to in-place upgrade CentOS 7 to 8
from CentOS official site
I just noticed this. https://www.centos.org/forums/viewtopic.php?f=47&t=71896
Recompile PHP with OpenSSL on CentOS
Yes, you need to download dev package of openssl (sources/headers), sources of PHP and configure it with following keys:
--with-openssl --with-openssl-dir=/usr/local/bin
as per PHP Manual > OpenSSL > Installing/Configuring
You also may want to use other keys like --with-curl=/usr/local
or --with-gd
-- check with documentation at PHP Manual > Appendices > Configure options and installation manuals for every module your want to compile it with like GD2 or Curl
NOTE: You will need to download dev-packages of every module you are
going to compile - it consumes noticable amount of time, plan accordingly.NOTE 2: Keep in mind that all modules you are going to compile into
your own build of PHP will be accessible through its functions (like
image manipulation, https/curl requests etc), so it is highly
recommended to use only stable and proven versions of modules not to
add a new vulnerability to your web-site.
** UPDATE **
./configure --with-openssl --with-openssl-dir=/usr/bin \
--with-zlib=[DIR] \
--enable-zip \
--enable-opcache \
--with-pdo-mysql=[DIR] \
--with-mysqli=[DIR] \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mcrypt=[DIR] \
--enable-mbstring \
--enable-intl \
--with-png-dir=[DIR] \
--with-jpeg-dir=[DIR] \
--with-gd=[DIR] \
--with-curl=[DIR] \
--with-bz2=[DIR] \
--enable-bcmath
[DIR]'s can be discovered automatically, but I faced a lot of situations when they are different from what PHP expects.
xmlreader
, xmlwriter
, simplexml
are enabled by default starting with PHP 5.1.2
sqlite3
, pdo-sqlite
are enabled by default starting with PHP 5.3.0
--enable-gd-native-ttf
is deprecated starting PHP 5.5.0, removed in PHP 7.2.0.
Related Topics
Where Is the Stack Memory Allocated from for a Linux Process
Oracle:Io Exception: the Network Adapter Could Not Establish the Connection
Create a Symbolic Link of Directory in Ubuntu
Check If Directory Mounted with Bash
Linux Pipe Audio File to Microphone Input
Run ASP.NET Core App Under Linux on Startup
Grep Files Based on Time Stamp
Using Mkdir -M -P and Chown Together Correctly
In Linux Terminal, How to Delete All Files in a Directory Except One or Two
Invalid Argument" Setting Key "Net.Core.Somaxconn"
Assigning Dynamic Bash Variable Names Using a for Loop Seq
How to Find Words from One File in Another File
What's an Alternative for Dtrace on Linux
How to Remove All White Spaces from a Given Text File
How to Get All Parent Processes and All Subprocesses with 'Pstree'