1
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

EC2(Amazon Linux2023)におけるOpenSSLのバージョンアップ対応手順まとめ

Posted at

EC2(Amazon Linux2023)にデフォルトで入っているOpenSSLのバージョンアップの対応手順をまとめました。

ゴール

OpenSSL 3.4.0

現状

OpenSSL 3.0.8

対応手順

1. OpenSSL公式HPから対象のソースコードをダウンロードして展開する

cd /usr/local/src/
sudo wget https://www.openssl.org/source/openssl-3.4.0.tar.gz
sudo tar xvf openssl-3.4.0.tar.gz

2. 必要なPerl周りのモジュールをインストールしておく

sudo yum install perl perl-FindBin perl-Module-Load-Conditional perl-Test-Harness perl-CPAN

🚨次の手順で設定ファイルを実行した際に下記のエラーが出るため

Can't locate FindBin.pm in @INC (you may need to install the FindBin module) (@INC contains: /usr/local/lib64/perl5/5.32 /usr/local/share/perl5/5.32 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/local/src/openssl-3.4.0/Configure line 15.
BEGIN failed--compilation aborted at /usr/local/src/openssl-3.4.0/Configure line 15.

3. 設定ファイル実行

cd openssl-3.4.0
sudo ./config

※下記が出れば成功
**********************************************************************
***                                                                ***
***   OpenSSL has been successfully configured                     ***
***                                                                ***
***   If you encounter a problem while building, please open an    ***
***   issue on GitHub <https://github.com/openssl/openssl/issues>  ***
***   and include the output from the following command:           ***
***                                                                ***
***       perl configdata.pm --dump                                ***
***                                                                ***
***   (If you are new to OpenSSL, you might want to consult the    ***
***   'Troubleshooting' section in the INSTALL.md file first)      ***
***                                                                ***
**********************************************************************

4. コンパイル及びインストールを行う

sudo make
sudo make install

5. lib64のパスを通す

.bashrcファイルの最後の行にexport LD_LIBRARY_PATH=/usr/local/lib64を追加する。

sudo vi ~/.bashrc

🚨次の手順でバージョン確認をする際にパスが通っておらず下記のエラーが出るため

openssl: /lib64/libssl.so.3: version `OPENSSL_3.4.0' not found (required by openssl)
openssl: /lib64/libssl.so.3: version `OPENSSL_3.2.0' not found (required by openssl)
openssl: /lib64/libcrypto.so.3: version `OPENSSL_3.0.9' not found (required by openssl)
openssl: /lib64/libcrypto.so.3: version `OPENSSL_3.3.0' not found (required by openssl)
openssl: /lib64/libcrypto.so.3: version `OPENSSL_3.4.0' not found (required by openssl)
openssl: /lib64/libcrypto.so.3: version `OPENSSL_3.2.0' not found (required by openssl)

6. 再起動する

sudo reboot

7. バージョンアップされていることを確認する

openssl version

※下記が出ればOK
OpenSSL 3.4.0 22 Oct 2024 (Library: OpenSSL 3.4.0 22 Oct 2024)
1
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
1
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?