Personal tools
You are here: Home Web Reverse Proxy And Cache OpenSSL v1.0.1x on CentOS v6.x (for Nginx 1.4)
 

OpenSSL v1.0.1x on CentOS v6.x (for Nginx 1.4)

Howto install OpenSSL v1.0.1 on CentOS 6 to get TLS v1.2 support

This follows InterServed Technologies post:

# rpm -Uvh http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/x86_64/ius-release-1.0-11.ius.el6.noarch.rpm
# yum install yum-plugin-replace
# yum replace openssl --replace-with=openssl10

Links

 

Appendices

openssl10-1.0.1e-1.ius binaries

/usr/bin/openssl

openssl10-libs-1.0.1e-1.ius binaries

 /usr/lib64/libcrypto.so.1.0.1e
 /usr/lib64/libcrypto.so.10 -> libcrypto.so.1.0.1e
 /usr/lib64/libssl.so.1.0.1e
 /usr/lib64/libssl.so.10 -> libssl.so.1.0.1e
 /usr/lib64/openssl
 /usr/lib64/openssl/engines
 /usr/lib64/openssl/engines/lib4758cca.so
 /usr/lib64/openssl/engines/libaep.so
 /usr/lib64/openssl/engines/libatalla.so
 /usr/lib64/openssl/engines/libcapi.so
 /usr/lib64/openssl/engines/libchil.so
 /usr/lib64/openssl/engines/libcswift.so
 /usr/lib64/openssl/engines/libgmp.so
 /usr/lib64/openssl/engines/libnuron.so
 /usr/lib64/openssl/engines/libpadlock.so
 /usr/lib64/openssl/engines/libsureware.so
 /usr/lib64/openssl/engines/libubsec.so
 /usr/share/doc/openssl10-libs-1.0.1e
 /usr/share/doc/openssl10-libs-1.0.1e/LICENSE

openssl-1.0.0-27.el6_4.2 binaries

/usr/bin/openssl
/usr/lib64/.libcrypto.so.1.0.0.hmac
/usr/lib64/.libcrypto.so.10.hmac -> .libcrypto.so.1.0.0.hmac
/usr/lib64/.libssl.so.1.0.0.hmac
/usr/lib64/.libssl.so.10.hmac -> .libssl.so.1.0.0.hmac
/usr/lib64/libcrypto.so.1.0.0
/usr/lib64/libcrypto.so.10 -> libcrypto.so.1.0.0
/usr/lib64/libssl.so.1.0.0
/usr/lib64/libssl.so.10 -> libssl.so.1.0.0
/usr/lib64/openssl
/usr/lib64/openssl/engines
/usr/lib64/openssl/engines/lib4758cca.so
/usr/lib64/openssl/engines/libaep.so
/usr/lib64/openssl/engines/libatalla.so
/usr/lib64/openssl/engines/libcapi.so
/usr/lib64/openssl/engines/libchil.so
/usr/lib64/openssl/engines/libcswift.so
/usr/lib64/openssl/engines/libgmp.so
/usr/lib64/openssl/engines/libnuron.so
/usr/lib64/openssl/engines/libpadlock.so
/usr/lib64/openssl/engines/libsureware.so
/usr/lib64/openssl/engines/libubsec.so

Failure to use yum replace plugin

The openssl10 package conflicts with the standard openssl package. Direct installation when opensll is installed is not possible.

# yum install openssl10
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package openssl10.x86_64 0:1.0.1e-1.ius.el6 will be installed
--> Processing Dependency: openssl10-libs(x86-64) = 1.0.1e-1.ius.el6 for package: openssl10-1.0.1e-1.ius.el6.x86_64
--> Processing Dependency: make for package: openssl10-1.0.1e-1.ius.el6.x86_64
--> Processing Dependency: libssl.so.10(libssl.so.10)(64bit) for package: openssl10-1.0.1e-1.ius.el6.x86_64
--> Processing Dependency: libcrypto.so.10(libcrypto.so.10)(64bit) for package: openssl10-1.0.1e-1.ius.el6.x86_64
--> Processing Dependency: libcrypto.so.10(OPENSSL_1.0.1)(64bit) for package: openssl10-1.0.1e-1.ius.el6.x86_64
--> Running transaction check
---> Package make.x86_64 1:3.81-20.el6 will be installed
---> Package openssl10-libs.x86_64 0:1.0.1e-1.ius.el6 will be installed
--> Processing Conflict: openssl10-1.0.1e-1.ius.el6.x86_64 conflicts openssl < 1.0.1
--> Finished Dependency Resolution
Error: openssl10 conflicts with openssl-1.0.0-27.el6_4.2.x86_64
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

yum-plugin-replace

# yum install yum-plugin-replace
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.as24220.net
 * epel: ucmirror.canterbury.ac.nz
 * extras: mirror.as24220.net
 * ius: syd.mirror.rackspace.com
 * updates: mirror.as24220.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package yum-plugin-replace.noarch 0:0.2.5-1.ius.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================
 Package                    Arch           Version                 Repository   Size
=====================================================================================
Installing:
 yum-plugin-replace         noarch         0.2.5-1.ius.el6         ius          16 k

Transaction Summary
=====================================================================================
Install       1 Package(s)

Total download size: 16 k
Installed size: 33 k

yum replace openssl

# yum replace openssl --replace-with=openssl10
Loaded plugins: replace
Replacing packages takes time, please be patient...

WARNING: Unable to resolve all providers: ['config(openssl)', 'openssl(x86-64)']

This may be normal depending on the package.  Continue? [y/N] y
Resolving Dependencies
--> Running transaction check
---> Package openssl.x86_64 0:1.0.0-27.el6_4.2 will be erased
---> Package openssl10.x86_64 0:1.0.1e-1.ius.el6 will be installed
--> Processing Dependency: make for package: openssl10-1.0.1e-1.ius.el6.x86_64
---> Package openssl10-libs.x86_64 0:1.0.1e-1.ius.el6 will be installed
--> Running transaction check
---> Package make.x86_64 1:3.81-20.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================
 Package               Arch          Version                   Repository       Size
=====================================================================================
Installing:
 openssl10             x86_64        1.0.1e-1.ius.el6          ius             664 k
 openssl10-libs        x86_64        1.0.1e-1.ius.el6          ius             772 k
Removing:
 openssl               x86_64        1.0.0-27.el6_4.2          @updates        3.6 M
Installing for dependencies:
 make                  x86_64        1:3.81-20.el6             base            389 k

Transaction Summary
=====================================================================================
Install       3 Package(s)
Remove        1 Package(s)

Total download size: 1.8 M

 
Related content
Document Actions