CentOSRHEL Based

How To Install OpenSSL on CentOS Stream 10

r00t

Install OpenSSL on CentOS Stream 10

OpenSSL is a crucial component of modern secure communications, providing robust cryptographic functions for various applications. This guide will walk you through the process of installing OpenSSL 3.4.0 on CentOS Stream 10, ensuring your system is equipped with the latest security features and improvements. Whether you’re a system administrator, developer, or security enthusiast, this tutorial will help you upgrade your OpenSSL installation with confidence.

Prerequisites

Before we dive into the installation process, let’s ensure your system meets the necessary requirements:

System Requirements

  • CentOS Stream 10 (64-bit)
  • Root or sudo access
  • At least 2GB of RAM
  • Minimum 10GB of free disk space

It’s crucial to verify your current OpenSSL version before proceeding. Run the following command in your terminal:

openssl version

If you’re running an older version, upgrading to OpenSSL 3.4.0 will provide enhanced security features and performance improvements.

Required Dependencies

To compile OpenSSL from source, you’ll need to install several development tools and libraries. Execute the following command to install the necessary packages:

sudo dnf group install "Development Tools"
sudo dnf install perl-core zlib-devel

These packages provide essential build tools and libraries required for compiling OpenSSL.

Method 1: Installing OpenSSL 3.4.0 from Source

Installing OpenSSL from source gives you the flexibility to customize the installation and ensure you have the latest version. Follow these steps carefully:

Preparing the Environment

First, update your system packages to ensure you have the latest security patches:

sudo dnf update -y

Create a working directory for the OpenSSL source files:

mkdir ~/openssl_install
cd ~/openssl_install

Downloading and Extracting OpenSSL

Download the OpenSSL 3.4.0 source code from the official website:

wget https://github.com/openssl/openssl/releases/download/openssl-3.4.0/openssl-3.4.0.tar.gz

Verify the integrity of the downloaded file using the provided SHA256 checksum:

sha256sum openssl-3.4.0.tar.gz

Compare the output with the checksum provided on the OpenSSL website to ensure the file hasn’t been tampered with.

Extract the source code:

tar -xzf openssl-3.4.0.tar.gz
cd openssl-3.4.0

Compilation and Installation

Configure the build with optimal settings for CentOS Stream 10:

./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib

This configuration ensures that OpenSSL is installed in a separate directory to avoid conflicts with the system’s default OpenSSL installation.

Compile OpenSSL:

make

Run the test suite to verify the build:

make test

If all tests pass, proceed with the installation:

sudo make install

Post-Installation Configuration

Update the system’s shared library cache:

sudo ldconfig

Configure the system to use the new OpenSSL version by updating the PATH and LD_LIBRARY_PATH variables. Add the following lines to your ~/.bashrc file:

export PATH="/usr/local/ssl/bin:$PATH"
export LD_LIBRARY_PATH="/usr/local/ssl/lib:$LD_LIBRARY_PATH"

Apply the changes:

source ~/.bashrc

Verify the installation by checking the OpenSSL version:

openssl version

The output should display OpenSSL 3.4.0.

Method 2: Installing from Repository

While installing from source provides the latest version, using the repository can be more convenient for system maintenance. Here’s how to install OpenSSL from the CentOS Stream 10 repository:

Enabling Required Repositories

Ensure that the AppStream repository is enabled:

sudo dnf config-manager --set-enabled appstream

Installation Process

Update the package cache:

sudo dnf update

Install OpenSSL:

sudo dnf install openssl

This command will install the latest version of OpenSSL available in the CentOS Stream 10 repositories.

Security Considerations

When working with OpenSSL, security should be a top priority. Consider the following best practices:

  • Regularly update OpenSSL to the latest version to protect against known vulnerabilities.
  • Use strong cipher suites and disable weak algorithms.
  • Implement proper certificate management and validation procedures.
  • Restrict access to OpenSSL configuration files and private keys.

For production environments, consider using a hardware security module (HSM) for enhanced key protection.

Troubleshooting Common Issues

During the installation process, you may encounter some issues. Here are solutions to common problems:

Compilation Errors

If you experience compilation errors, ensure all dependencies are installed:

sudo dnf install gcc make perl

Library Path Issues

If applications can’t find the new OpenSSL libraries, update the ld.so.conf file:

echo "/usr/local/ssl/lib" | sudo tee -a /etc/ld.so.conf.d/openssl.conf
sudo ldconfig

Version Mismatch

If you’re still seeing the old OpenSSL version, check your PATH variable and ensure it’s correctly set in your ~/.bashrc file.

Congratulations! You have successfully installed OpenSSL. Thanks for using this tutorial for installing the OpenSSL on CentOS Stream 10 system. For additional help or useful information, we recommend you check the OpenSSL website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more tutorials!
Back to top button