Easy Steps To Install OpenSSL 3 on AlmaLinux 8 – OrcaCore
In this guide, we aim to provide a comprehensive walkthrough on how to Install OpenSSL 3 on AlmaLinux 8. OpenSSL stands as a cornerstone open-source cryptography library, indispensable for applications, operating systems, and websites seeking to secure communications over the internet via SSL (Secure Sockets Layer) and TLS (Transport Layer Security). Since its inception in 2012, with the release of version 3 in September 2021, OpenSSL has cemented its position as one of the most universally adopted open-source libraries globally.
The default OpenSSL version bundled with AlmaLinux 8 is often outdated, leading to compilation errors when newer applications require a more recent release. Therefore, this guide, brought to you by Orcacore, demonstrates how to install OpenSSL 3 on AlmaLinux 8, ensuring you have the latest features and security updates.
Before commencing this guide to install OpenSSL 3 on AlmaLinux 8, ensure you’re logged into your server as a non-root user with sudo privileges. If needed, refer to our guide on Initial Server Setup with AlmaLinux 8 for assistance.
AlmaLinux OpenSSL 3 Setup
First, synchronize your local package index by executing the following command:
sudo dnf update -yInstall Development Tools and Required Packages
Next, install the necessary Development Tools using:
sudo dnf groupinstall "Development Tools" -yAlso, install the following Perl packages:
sudo dnf install perl-IPC-Cmd perl-Test-Simple -yDownload OpenSSL From Source
Navigate to the GitHub OpenSSL Releases page to acquire the latest release. Employ the wget command to download the source code:
sudo wget https://github.com/openssl/openssl/releases/download/openssl-3.1.0/openssl-3.1.0.tar.gzExtract the downloaded archive:
sudo tar xvf openssl-3.1.0.tar.gzChange your current directory to the newly extracted OpenSSL directory:
sudo cd openssl-3.1*/Build and Install OpenSSL 3
Configure OpenSSL using the following command:
sudo ./config
Build and install OpenSSL 3.1 with these commands:
# make
# make test
# make installUpdate the dynamic linker run-time bindings:
sudo ldconfigUpdate your system-wide OpenSSL configuration by creating a new file in /etc/profile.d/:
sudo tee /etc/profile.d/openssl.sh<<EOF
export PATH=/usr/local/openssl/bin:$PATH
export LD_LIBRARY_PATH=/usr/local/openssl/lib:$LD_LIBRARY_PATH
EOFReload your shell environment to apply the changes:
source /etc/profile.d/openssl.shVerify the OpenSSL 3 installation on AlmaLinux 8 by checking the version:
openssl version
Conclusion
Following this guide, you have successfully learned how to Install OpenSSL 3 on AlmaLinux 8. This ensures your system benefits from the latest security enhancements and encryption capabilities offered by OpenSSL.
We hope you found this guide helpful. You might also find these articles useful:
How To Install Wireshark on AlmaLinux 8
Install and Configure Samba Share on Rocky Linux 8
Install directadmin trial AlmaLinux 8
Installing aaPanel on Linux server Almalinux 8
Setup varnish with nginx AlmaLinux 8
Squid Proxy Server on AlmaLinux 8
Brotli Compression Setup AlmaLinux 8
Install Node.js on AlmaLinux 8
WordPress Setup on AlmaLinux 8
Alternative Solutions for Installing OpenSSL 3 on AlmaLinux 8
While the method described above involving compiling from source is reliable, it can be time-consuming and requires careful attention to detail. Two alternative approaches can simplify the process of installing OpenSSL 3 on AlmaLinux 8.
1. Using Software Collections (SCL)
Software Collections (SCL) enable you to build and install multiple versions of software on the same system without interfering with the base operating system. This is particularly useful for OpenSSL, as it allows you to install OpenSSL 3 alongside the older version provided by AlmaLinux 8.
Explanation:
SCLs provide a sandboxed environment where applications can use specific versions of libraries without affecting the system-wide libraries. This is achieved by creating a separate directory structure for the SCL and modifying the environment variables only when the SCL is activated.
Steps:
-
Install the
centos-release-sclpackage: This package provides the necessary repositories for accessing SCLs.sudo dnf install centos-release-scl -y -
Check for available OpenSSL SCLs: Unfortunately, there might not be an official SCL for OpenSSL 3 directly. SCLs are usually provided for specific applications or toolsets. If an OpenSSL 3 SCL were available (hypothetically named
openssl30), you could install it as follows:sudo dnf install openssl30 -y #Replace openssl30 with the actual SCL name if it exists -
Activate the SCL: If the SCL was successfully installed, you would activate it using the
scl enablecommand.scl enable openssl30 bash #Again, replace openssl30 if needed. -
Verify the OpenSSL Version: After activating the SCL, verify that the correct version of OpenSSL is being used.
openssl version
Caveats:
- Availability: The biggest drawback is the limited availability of official OpenSSL SCLs. You might need to create your own SCL, which is a complex process.
- Application Compatibility: You’ll need to ensure that your applications are configured to use the OpenSSL version provided by the SCL. This might involve modifying environment variables or application configuration files.
2. Using a Third-Party Repository (Remi or similar)
Another option involves using a third-party repository like Remi, which often provides newer versions of software packages than the official AlmaLinux repositories.
Explanation:
Remi’s RPM repository contains more recent versions of PHP and related software. While primarily focused on PHP, it might also include newer OpenSSL builds as dependencies. By enabling this repository, you can potentially install OpenSSL 3 using dnf.
Steps:
-
Install the Remi repository: First, you need to install the
remi-releasepackage to configure the repository.sudo dnf install dnf-utils http://rpms.remirepo.net/enterprise/remi-release-8.rpm -y -
Enable the Remi repository: By default, Remi’s repository is disabled. Enable it using the
dnf config-managercommand. It’s recommended to enable only the necessary components of Remi’s repo to minimize dependency conflicts. For example, if you suspect OpenSSL is packaged with a particular PHP version, enable that specific PHP repo.sudo dnf config-manager --enable remi-php81 # Example: Enables PHP 8.1 repo. Adapt this! -
Search for OpenSSL packages: Search for OpenSSL packages within the enabled Remi repository.
sudo dnf search openssl --enablerepo=remi-php81 #Adapt the repo name! -
Install OpenSSL: If OpenSSL 3 or a more recent version is available, install it using
dnf install.sudo dnf install openssl --enablerepo=remi-php81 #Adapt the repo name! -
Verify the OpenSSL Version: After installation, verify that the correct version of OpenSSL is being used.
openssl version
Caveats:
- Repository Trust: Using third-party repositories introduces a trust element. Ensure the repository is reputable and maintained.
- Dependency Conflicts: Third-party repositories can sometimes lead to dependency conflicts with existing system packages. Carefully review the packages being installed and their dependencies before proceeding.
- Stability: Packages from third-party repositories might not be as thoroughly tested as those in the official AlmaLinux repositories, potentially leading to instability.
Important Considerations for both alternatives:
- Backup: Before making any significant system changes, create a backup of your system or at least the critical configuration files.
- Testing: After installing OpenSSL 3 using either of these methods, thoroughly test your applications to ensure they are working correctly with the new version.
These alternative solutions offer easier methods to install OpenSSL 3 on AlmaLinux 8 compared to compiling from source, but they come with their own set of considerations and potential drawbacks. Evaluate each option carefully to determine the best approach for your specific needs and environment. Remember to verify your OpenSSL 3 installation on AlmaLinux 8 after using any method.
