Linux Commands and Scripts

How to Install OpenSSL 1.1.1k on Rocky Linux 8

In this article, we’ll explain how to install OpenSSL 1.1.1k on Rocky Linux 8.

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.

OpenSSL is licensed under an Apache-style license, which means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions. For a list of vulnerabilities, and the releases in which they were found and fixes, see our Vulnerabilities page.


Install OpenSSL 1.1.1k on Rocky Linux 8

1. Keep the server up to date

Always keep the server up to date the security purpose.

# dnf update -y

2. Install development tool

We need to install a development tool and few dependencies to install OpenSSL

# dnf group install ‘Development Tools’

3. Install dependencies

# dnf install perl-core zlib-devel -y

4. Download OpenSSL 1.1.1k

We will download the latest stable version is the 1.1.1 series. This is also our Long Term Support (LTS) version, supported until 11th September 2023.

# cd /usr/local/src/

# wget

Now, extract the tar file

# tar -xzvf openssl-1.1.1k.tar.gz

5. Configure and build

Navigate to the extracted directory and configure, build, test and install OpenSSL in the default location /usr/local/ssl.

# cd openssl-1.1.1k

Configure it with PATH

# ./config –prefix=/usr/local/ssl –openssldir=/usr/local/ssl shared zlib


install openssl

Now, build

# make

# make test

# make install

6. Configure it shared libraries.

Once we have successfully installed OpenSSL, configure it shared libraries.

Naviagate to the /etc/ directory and create a configuration file.

# cd /etc/

# vi openssl-1.1.1k.conf

Add the following path in the config file


Save and exit

Reload the dynamic link

# ldconfig -v

7. Configure OpenSSL Binary

Now, we are going to insert the binary of our new version of OpenSSL /usr/local/ssl/bin/openssl and replace the default openssl file.

First, take a backup of existed openssl file.

# mv /bin/openssl /bin/openssl.backup

Create new environment files for OpenSSL

# vi /etc/profile.d/

and add the following lines

export PATH

Save & exit

Make the newly created file executable

# chmod +x /etc/profile.d/

Reload the new OpenSSL environment file and check the default PATH

# source /etc/profile.d/
# echo $PATH

Now, let’s verify the installation and version of the OpenSSL

# which openssl
# openssl version -a

Output will be similar like:

OpenSSL 1.1.1k 25 Mar 2021
built on: Thu Aug 19 06:33:43 2021 UTC
platform: linux-x86_64
options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/ssl/lib/engines-1.1"
Seeding source: os-specific

That’s it, the installation has been completed successfully.

In this article, we’ve learned how to install OpenSSL 1.1.1k on Rocky Linux 8.

Related Articles