sudo apt update sudo apt install build-essential checkinstall zlib1g-dev -y
cd /usr/local/src/ sudo wget https://www.openssl.org/source/openssl-3.2.0.tar.gz Before upgrade: $ openssl version -a OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022) built on: Fri Oct 13 12:02:49 2023 UTC platform: debian-amd64 options: bn(64,64) compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-8L8jlV/openssl-3.0.2=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_TLS_SECURITY_LEVEL=2 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 OPENSSLDIR: "/usr/lib/ssl" ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-3" MODULESDIR: "/usr/lib/x86_64-linux-gnu/ossl-modules" Seeding source: os-specific CPUINFO: OPENSSL_ia32cap=0x7ffaf3ffffebffff:0x98c027bc239c27eb sudo tar -xvf openssl-3.2.0.tar.gz cd /usr/local/src/openssl-3.2.0
sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib sudo make sudo make test sudo make install
Configure Link Libraries
Next, we will configure the shared libraries for OpenSSL. The new OpenSSL binary will load library files from the ‘/usr/local/ssl/lib’ directory.
Go to the ‘/etc/ld.so.conf.d’ directory and create new configuration file ‘openssl-3.0.7.conf’.
cd /etc/ld.so.conf.d/ sudo vi openssl-3.2.0.conf
Paste the openssl library path directory.
/usr/local/ssl/lib64
Save and exit.
Now reload the dynamic link using the command below.
sudo ldconfig -v $ openssl version -a OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.2.0 23 Nov 2023) built on: Wed Dec 13 01:23:16 2023 UTC platform: linux-x86_64 options: bn(64,64) compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DZLIB -DNDEBUG OPENSSLDIR: "/usr/local/ssl" ENGINESDIR: "/usr/local/ssl/lib64/engines-3" MODULESDIR: "/usr/local/ssl/lib64/ossl-modules" :/$ /usr/bin/openssl version OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.2.0 23 Nov 2023) :/$ /usr/local/ssl/bin/openssl version OpenSSL 3.2.0 23 Nov 2023 (Library: OpenSSL 3.2.0 23 Nov 2023)
Configure OpenSSL Binary
We will replace the default openssl binary ‘/usr/bin/openssl or /bin/openssl’ with the new version ‘/usr/local/ssl/bin/openssl’.
Backup the binary files.
sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.bak sudo mv /usr/bin/openssl /usr/bin/openssl.bak
Edit the ‘/etc/environment’ file.
sudo vi /etc/environment
Now add the new OpenSSL binary directory as below:
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/usr/local/ssl/bin"
Save and exit.
Reload the environment file and test the new updated binary PATH.
source /etc/environment
echo $PATH
Now check the OpenSSL binary file again.
:/$ which openssl
/usr/local/ssl/bin/openssl
Test the new OpenSSL version.
:/$ openssl version -a
OpenSSL 3.2.0 23 Nov 2023 (Library: OpenSSL 3.2.0 23 Nov 2023)
built on: Wed Dec 13 01:23:16 2023 UTC
platform: linux-x86_64
options: bn(64,64)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DZLIB -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/ssl/lib64/engines-3"
MODULESDIR: "/usr/local/ssl/lib64/ossl-modules"