Archive

Archive for the ‘Openssl’ Category

OpenSSL Upgradation Procedure:

April 23, 2009 Leave a comment

Every linux operating system comes with a OpenSSL version. But if you want to upgrade it to the lates version then follow the following steps:–

[ steps described above is tested on CentOS 5 (Stable) ]

Steps for upgradation of OpenSSL:——

  • Remove the previous versions of OpenSSL using the following command:

#rpm -erase –nodeps openssl

  • Fetch the latest version of openssl from http://openssl.org/source. [Latest version is openssl-0.9.8k]
  • Unzip the tar file to /usr using the following command:

#tar -zxvf -C /usr openssl-0.9.8k.tar.gz

  • Move to the /usr/openssl-0.9.8k directory

#cd /usr/openssl-0.9.8k

  • Install the OpenSSL using the following commands:

<#./config shared

#make

#make test

#make install

  • Link the new files using the following commands:

#cd /lib

#ln -s /usr/openssl-0.9.8k/libssl.so.0.9.8 libssl.so.0.9.8b

#ln -s /usr/openssl-0.9.8k/libssl.so libssl.so.6

#ln -s /usr/openssl-0.9.8k/libcrypto.so.0.9.8 libcrypto.so.0.9.8b

#ln -s /usr/openssl-0.9.8k/libcrypto.so libcrypto.so.6

#cd /usr/lib

#rm /libssl.so

#rm /libcrypto.so

#ln -s /usr/openssl-0.9.8k/libssl.so libssl.so

#ln -s /usr/openssl-0.9.8k/libcrypto.so libcrypto.so

#ln -s /usr/local/ssl/include/ /usr/include/ssl

#cd /usr/include

#rm -rf openssl

#ln -s /usr/local/ssl/include/openssl openssl

  • Rerun ldconfig
  • Perform the following steps:

#cd /etc

#rm ld.so.cache

Open the ld.so.conf file in vi editor and add the following lines:

–         add /usr/local/ssl/lib

–         add /usr/local/lib

Run ldconfig.

  • Change the Environment Path Variable

Open .bash_profile file in vi editor

#vi /root/.bash_profile

Add the following line before export PATH

PATH=$PATH:/usr/openssl-0.9.8k/apps

Save the file end exit from vi editor.

  • Reboot.
  • Done

the symbolic file name may be different depending on the operating system and different version of OpenSSL.

Advertisements

OpenSSL: Introduction

April 9, 2009 Leave a comment

OpenSSL is an open source implementation of the SSL and TLS protocols. The core library (written in the C programming language) implements the basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available.
OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.

Versions are available for most Unix-like operating systems (including Solaris, Linux, Mac OS X and the four open source BSD operating systems), OpenVMS and Microsoft Windows.

FIPS 140-2 Complience:

OpenSSL is one of the few open source programs to be validated under the FIPS 140-2 computer security standard by the National Institute of Standards and Technology‘s Cryptographic Module Validation Program.
[Note: FIPS stands for Federal Information Processing Standard]

Present Version:

openssl-1.0.0-beta1 [ Works under FIPS mode as weel as NON-FIPS Mode (Beta Version) ]

openssl-0.9.8k [Works under FIPS mode as well as NON-FIPS mode (Stable Version)]

openssl-fips-1.2 [ Works Under FIPS Mode ]

The other version of the setup files, documentations and other informations can be obtained from http://www.openssl.org/