HTTPS证书扫码
HTTPS证书申请电话

4008-940-318

4008-940-318

首页

SSL证书产品

More +
  • EV SSL证书

    适用: 银行、保险、金融机构

  • OV SSL证书

    适用: 企业网站、电子商务网站

  • DV SSL证书

    适用: 个人网站、测试系统

代码签名证书产品

More +
当前位置:SSL网 > 证书安装指南 > Linux的ssl证书安装教程

Linux的ssl证书安装教程

文章出处:SSL网 阅读量:14 发表时间:2019-10-30 13:40

SSL证书在不同的系统环境下安装,其操作也是有差异的。系统可分为Linux、Windows等,今天小编要和大家讲的是Linux的ssl证书安装教程,一起来看下。

Linux的ssl证书安装教程

Linux的ssl证书安装教程

先安装zlib,见linux下安装zlib

安装openssl Building a Web Server, for Linux

下载地址

Package(Linux source) : openssl-0.9.8c.tar.gz

解压文件

tar -zxvf openssl-0.9.8c.tar.gz

Our Configuration

Install to : 默认安装路径 /usr/local/ssl

Module type : dynamically and staticly loaded modules, *.so *.a

Build Instructions

Configure

.../openssl-0.9.8c]# ./config --prefix=/usr/local/ --openssldir=/usr/local/openssl -g3 shared zlib-dynamic enable-camellia


--prefix=/usr/local/ --openssldir=/usr/local/openssl

[指定安装路径; 默认是'/usr/local/ssl' -- which we will symlink]

shared

[in addition to the usual static libraries, create shared libraries]

zlib-dynamic

[like "zlib", but has OpenSSL load the zlib library dynamically when needed]

enable-camellia

[enables the symmetric cipher 'Camellia' (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use]

运行./config --prefix=/usr/local/openssl (更 多选项用./config --help来查看),可用的选项有:no-mdc2、no-cast no-rc2、no-rc5、no-ripemd、 no-rc4 no-des 、no-md2、no-md4、no-idea 、no-aes、no-bf、no-err、no-dsa、no-dh、 no-ec、no-hw、no-asm、no-krb5、no-dso 、no-threads 、no-zlib、-DOPENSSL_NO_HASH_COMP、-DOPENSSL_NO_ERR、-DOPENSSL_NO_HW 、- DOPENSSL_NO_OCSP、-DOPENSSL_NO_SHA256和-DOPENSSL_NO_SHA512等。去掉不必要的内容可以减少生成库的大小。 若要生成debug版本的库和可执行程序加-g或者-g3(openssl中有很多宏,需要调试学习最好加上-g3)。

display guess on system made by './config'...

.../openssl-0.9.8c]# ./config -t

正式安装,Build and Install

.../openssl-0.9.8c]# make depend

[step required since extra cipher was enabled]      (时间很长)

.../openssl-0.9.8c]# make                     (时间很长,慢慢等待)

.../openssl-0.9.8c]# make test

.../openssl-0.9.8c]# make install

*测试是否安装成功,#openssl version 是否是新安装的版本


Symlink

Form symlink from '/usr/local/ssl-0.9.8c' to '/usr/local/ssl'

...]# cd /usr/local

/usr/local]# ln -s ssl-0.9.8c ssl

Update the Run-time Linker

ld.so.cache will need to be updated with the location of the new OpenSSL shared libs: libcrypto.so.0.9.8 and libssl.so.0.9.8

Sometimes it is sufficient to just symlink or copy these two files to /lib, but we recommend you follow these instructions instead.

Edit /etc/ld.so.conf, add to paths...

/usr/local/ssl/lib

Update the run-time linker...

...]# ldconfig

Update the PATH

Edit /root/.bash_profile, add to PATH variable...

/usr/local/ssl/bin

Re-login.

[sanity check] OpenSSL

Verify that binary 'openssl' is linking against the correct ssl libraries...

...]# ldd /usr/local/openssl/bin/openssl

libssl.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libssl.so.0.9.8 ...

libcrypto.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libcrypto.so.0.9.8 ...

...]# which openssl

/usr/local/ssl/bin/openssl

...]# openssl version

OpenSSL 0.9.8c 05 Sep 2006

If another path, or an older version is shown, your system contains a previously installed OpenSSL that is first [relative to the newer openssl] in the path.

Repeate the steps in section 'Update the PATH', except place the specified location at the start of the PATH variable.

Note that the older openssl, on most systems, is located under /usr/bin

The location of 'openssl' can be found with...

...]# which openssl

...]# openssl version

should display openssl 0.9.7d 17 mar 2004

if an older version is shown, your system contains a previously installed openssl.

repeate the steps in update the path, except place the specified location at the start of the path variable.

[the older openssl, on most systems, is located under /usr/bin]

[the command 'which openssl' should display the path of the openssl that your system is using]

/usr/local/ssl/bin]# ./openssl version should display the correct version.

     但是我最后没有得到想要的结果,系统原来的openssl还是没能卸载掉,我该怎么做那?我继续搜索资料,哈,幸运的我找了,在一个国内论坛上是这么说的

      cd /usr/local/ssl/lib

      ln -s libcrypto.so.0.9.7 libcrypto.so.2

      ln -s libssl.so.0.9.7 libssl.so.2

      //最后要刷新系统的动态连接库配置

      echo /usr/local/ssl/lib >> /etc/ld.so.conf

      ldconfig -v

Linux的ssl证书安装

好了,以上便是Linux的ssl证书安装教程,如有不懂,可咨询我们的在线客服。


分享到:

SSL证书品牌

ABOUT US
SSL网是中国网络数字证书的杰出代表。
专业的互联网SSL证书,真正助力企业网络安全。我们的HTTPS证书不断更新,努力今天的同时也在展望未来。
Contact information
手机:13392690131
QQ:3020282082
网址:https://www.it163.com
cache
Processed in 0.020073 Second.