nginx升級OpenSSL
openssl版本:openssl-1.0.2j
操作系統版本:centos 6.8
步驟:
升級openssl-1.0.2j
#yum -y install gcc*
安裝第三方庫
yum install -y pcre pcre-devel //使nginx支持正則表達式
yum install -y zlib zlib-devel //使nginx支持http包的內容做gzip的壓縮
yum install -y openssl openssl-devel//使nginx支持ssl協議和MD5,sha1等散列函數
cd /home && wget https://www.openssl.org/source/openssl-1.0.2j.tar.gz
tar xf openssl-1.0.2j.tar.gz
cd openssl-1.0.2j/ && ./config --prefix=/usr/local/openssl
make && make install
mv /usr/bin/openssl /usr/bin/openssl.OFF
mv /usr/include/openssl /usr/include/openssl.OFF
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
ldconfig -v
echo ‘export OPENSSL=/usr/local/openssl/bin‘ >>/etc/profile
echo ‘export PATH=$OPENSSL:$PATH:$HOME/bin‘ >>/etc/profile
source /etc/profile
openssl version -a
安裝nginx-1.11.12
cd /home && wget http://nginx.org/download/nginx-1.11.12.tar.gz
mv /usr/local/nginx/ /opt/
tar -xf nginx-1.11.12.tar.gz && cd nginx-1.11.12
vim /home/nginx-1.11.12/auto/lib/openssl/conf
把
CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
改成
CORE_INCS="$CORE_INCS $OPENSSL/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libcrypto.a"
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module --with-openssl=/usr/local/openssl/
make && make install
nginx升級OpenSSL