Thursday, June 15, 2017

How to install openssl 1.1.0 on centos 7


Default version of openssl in centos 7 repository is quite old. You can check it as follows:
openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
or like this:
yum info openssl
Name        : openssl
Arch        : x86_64
Epoch       : 1
Version     : 1.0.1e
Release     : 60.el7_3.1

Even though it's not recommended to install packages outside of repo, sometimes it might be useful. Below I will show you how to install the latest version of openssl from sources.

First, let's remove original openssl while leaving its dependencies (if any):
sudo rpm -e --nodeps openssl

Then let's install new openssl:

1. Download and extract:
cd ~
tar -xzf openssl-1.1.0f.tar.gz

2. Compile and install:
cd openssl-1.1.0f
sudo make install
Now if you try to run openssl, you will get this error:
/usr/local/bin/openssl version
/usr/local/bin/openssl: error while loading shared libraries: cannot open shared object file: No such file or directory
To fix it, we need to do the next step.

3. Create links to libssl:
sudo ln -s /usr/local/lib64/ /usr/lib64/
sudo ln -s /usr/local/lib64/ /usr/lib64/

4. Finally create link to new openssl
sudo ln -s /usr/local/bin/openssl /usr/bin/

5. Now you can check openssl version, which is '1.1.0f' at the time of writing:
openssl version
OpenSSL 1.1.0f  25 May 2017


  1. opnessl version outputs "OpenSSL 1.1.0g-dev xx XXX xxxx" but yum info openssl outputs same previous version "1.0.1e" how to overcome this?

    1. I saw this on another website:
      "If the old version is still displayed or installed before, please make a copy of openssl bin file :

      # mv /usr/bin/openssl /root/
      # ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
      Now verify the OpenSSL version.

      # openssl version
      OpenSSL 1.0.2e 3 Dec 2015"

      Hope it can help you.

      P.S. Link:

  2. Bad idea to remove the existing opensssl and then attempt to use wget.