Build and Configure OpenSSL on Linux
The following series of steps is one way of many to build the OpenSSL sources in Linux.
Example of Building OpenSSL
Refer to the OpenSSL website for additional ways to build with Linux.
- Update and install build-essential packages. Check
for any updates available by updating the package lists from
the
repository:
sudo apt-get update sudo apt install build-essential checkinstall zlib1g-dev -y
- Install additional 32-bit libraries. For buildling
32-bit ELF format, additional
gcc-multilib
andg++-multilib
packages must be installed:sudo apt-get install gcc-multilib g++-multilib
- Configure:
- OpenSSL for 32 bits
- OpenSSL to be installed in /usr/local/ssl directory
- No multithreading
- Disabled assembly language
- Add support for weak
chipers:
perl ./Configure linux-x86 no-asm no-threads enable-weak-ssl-ciphers --prefix=/usr/local/ssl --openssldir=/usr/local/ssl
You should see something similar to this:************************************************************************* ****** OpenSSL has been successfully configured ****** ****** If you encounter a problem while building, please open an ****** issue on GitHub and include the output from the following command: ****** ****** perl configdata.pm --dump ****** ****** (If you are new to OpenSSL, you might want to consult the ****** 'Troubleshooting' section in the INSTALL.md file first) ****** *************************************************************************
- Run the
build.
make
- (Optional) - Test
results.
make test
- Install.
make install
Configuring OpenSSL for the Simulator
For the Simulator to access the OpenSSL-3 libraries, follow these steps:
- Set up the LD_LIBRARY_PATH environment variable to refer
to the directory containig the OpenSSL shared
libraries
For example, if the newly built library is in your
/usr/local/ssl/lib
, do the following:export LD_LIBRARY_PATH=/usr/local/ssl/lib
Also, make sure that this directory contains a symbolic link pointing to this version of the library. Otherwise, you an create it by:ln -s /usr/local/ssl/lib/libcrypto.so.3 /usr/local/ssl/lib/libcrypto.so ln -s /usr/local/ssl/lib/libssl.so.3 /usr/local/ssl/lib/libssl.so
- Use the legacy provider (
legacy.so
) for "weak SSL ciphers" (like "single DES"), by setting up the OPENSSL_MODULES environment variable. For example, if thelegacy.so
library is in your/usr/local/ssl/lib
folder, do the following:export OPENSSL_MODULES=/usr/local/ssl/lib