CCL Home Page
Up Directory CCL README.html

Installing openssl under Solaris

Written by Jan Labanowski, jkl@ccl.net, Oct 13, 2002

Since the security is getting tighter, there is a need to often
recompile the openssl package as new expoloits are found.

I was using gcc:
# gcc --version
egcs-2.91.66

and my solaris was:
# uname -a 
SunOS heechee 5.8 Generic_108528-15 sun4u sparc SUNW,Ultra-250

1) retrieved latest openssl from: http://www.openssl.org/ and unpacked it
   

mkdir /usr/local/openssl-0.9.6g
cd /usr/local/openssl-0.9.6g
wget http://www.openssl.org/source/openssl-0.9.6g.tar.gz
gtar zxvf openssl-0.9.6g.tar.gz


2) Configured openssl to place its directories under /usr/local/openssl-0.9.6g

cd /usr/local/openssl-0.9.6g/openssl-0.9.6g
./config -fPIC shared \
         --prefix=/usr/local/openssl-0.9.6g \
         --openssldir=/usr/local/openssl-0.9.6g


3) Compiled, tested, and installed openssl 

make

make test

make install

It resulted in diretcories bin, certs, include, lib, man, misc, private under
/usr/local/openssl-0.9.6g

4) Making other packages know about openssl.
If you do not want to affect in any way default behaviour on your machine,
you need to let other packages know about location of your openssl binaries
and libreries by setting enviroment variables and switches on command line,
for example:

PATH=/usr/local/openssl-0.9.6g/bin:${PATH}
export PATH

LD_LIBRARY_PATH=/usr/local/openssl-0.9.6g/lib:${LD_LIBRARY_PATH}
export LD_LIBRARY_PATH

But if you want to make the current openssl your default one, you need to
make a few links (I prefer links, since they are easier to undo than
if you actually copy it over older versions...)

The open ssl is usualled expected at /usr/local/openssl and /usr/local/ssl
but to make sure most packages can access it, you need to make links
in standard places, i.e., /usr/bin, /usr/lib, and /usr/include.


cd /usr/local
ln -s openssl-0.9.6g openssl
ln -s openssl-0.9.6g ssl

You should probably also make the following links if you want to make sure
that new version is being used:

cd /usr/lib
ln -s ../local/ssl/lib/libcrypto.a libcrypto.a
ln -s ../local/ssl/lib/libcrypto.so.0.9.6 libcrypto.so.0.9.6
ln -s ../local/ssl/lib/libssl.a libssl.a
ln -s ../local/ssl/lib/libssl.so.0.9.6 libssl.so.0.9.6
ln -s libssl.so.0 libssl.so
ln -s libssl.so.0.9.6 libssl.so.0
cd /usr/bin
ln -s ../local/ssl/bin/openssl openssl
ln -s ../local/ssl/bin/c_rehash c_rehash
cd /usr/include
ln -s ../local/ssl/include/openssl openssl

Modified: Mon Oct 14 18:13:43 2002 GMT
Page accessed 8013 times since Mon Oct 14 17:03:51 2002 GMT