2022-10-06 分類: 網站建設
SSL證書在不同的系統環境下安裝,其操作也是有差異的。系統可分為Linux、Windows等,今天小編要和大家講的是Linux的ssl證書安裝教程,一起來看下。
Linux的ssl證書安裝教程
先安裝zlib,見linux下安裝zlib
安裝openssl Building a Web Server, for Linux
下載地址
Package(Linux source) : openssl-0.9.8c.tar.gz
解壓文件
tar -zxvf openssl-0.9.8c.tar.gz
Our Configuration
Install to : 默認安裝路徑 /usr/local/ssl
Module type : dynamically and staticly loaded modules, *.so *.a
Build Instructions
Configure
.../openssl-0.9.8c]# ./config --prefix=/usr/local/ --openssldir=/usr/local/openssl -g3 shared zlib-dynamic enable-camellia
--prefix=/usr/local/ --openssldir=/usr/local/openssl
[指定安裝路徑; 默認是'/usr/local/ssl' -- which we will symlink]
shared
[in addition to the usual static libraries, create shared libraries]
zlib-dynamic
[like "zlib", but has OpenSSL load the zlib library dynamically when needed]
enable-camellia
[enables the symmetric cipher 'Camellia' (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use]
運行./config --prefix=/usr/local/openssl (更 多選項用./config --help來查看),可用的選項有:no-mdc2、no-cast no-rc2、no-rc5、no-ripemd、 no-rc4 no-des 、no-md2、no-md4、no-idea 、no-aes、no-bf、no-err、no-dsa、no-dh、 no-ec、no-hw、no-asm、no-krb5、no-dso 、no-threads 、no-zlib、-DOPENSSL_NO_HASH_COMP、-DOPENSSL_NO_ERR、-DOPENSSL_NO_HW 、- DOPENSSL_NO_OCSP、-DOPENSSL_NO_SHA256和-DOPENSSL_NO_SHA512等。去掉不必要的內容可以減少生成庫的大小。 若要生成debug版本的庫和可執行程序加-g或者-g3(openssl中有很多宏,需要調試學習最好加上-g3)。
display guess on system made by './config'...
.../openssl-0.9.8c]# ./config -t
正式安裝,Build and Install
.../openssl-0.9.8c]# make depend
[step required since extra cipher was enabled] (時間很長)
.../openssl-0.9.8c]# make (時間很長,慢慢等待)
.../openssl-0.9.8c]# make test
.../openssl-0.9.8c]# make install
*測試是否安裝成功,#openssl version 是否是新安裝的版本
Symlink
Form symlink from '/usr/local/ssl-0.9.8c' to '/usr/local/ssl'
...]# cd /usr/local
/usr/local]# ln -s ssl-0.9.8c ssl
Update the Run-time Linker
ld.so.cache will need to be updated with the location of the new OpenSSL shared libs: libcrypto.so.0.9.8 and libssl.so.0.9.8
Sometimes it is sufficient to just symlink or copy these two files to /lib, but we recommend you follow these instructions instead.
Edit /etc/ld.so.conf, add to paths...
/usr/local/ssl/lib
Update the run-time linker...
...]# ldconfig
Update the PATH
Edit /root/.bash_profile, add to PATH variable...
/usr/local/ssl/bin
Re-login.
[sanity check] OpenSSL
Verify that binary 'openssl' is linking against the correct ssl libraries...
...]# ldd /usr/local/openssl/bin/openssl
libssl.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libssl.so.0.9.8 ...
libcrypto.so.0.9.8 => /usr/local/ssl-0.9.8c/lib/libcrypto.so.0.9.8 ...
...]# which openssl
/usr/local/ssl/bin/openssl
...]# openssl version
OpenSSL 0.9.8c 05 Sep 2006
If another path, or an older version is shown, your system contains a previously installed OpenSSL that is first [relative to the newer openssl] in the path.
Repeate the steps in section 'Update the PATH', except place the specified location at the start of the PATH variable.
Note that the older openssl, on most systems, is located under /usr/bin
The location of 'openssl' can be found with...
...]# which openssl
...]# openssl version
should display openssl 0.9.7d 17 mar 2004
if an older version is shown, your system contains a previously installed openssl.
repeate the steps in update the path, except place the specified location at the start of the path variable.
[the older openssl, on most systems, is located under /usr/bin]
[the command 'which openssl' should display the path of the openssl that your system is using]
/usr/local/ssl/bin]# ./openssl version should display the correct version.
但是我最后沒有得到想要的結果,系統原來的openssl還是沒能卸載掉,我該怎么做那?我繼續搜索資料,哈,幸運的我找了,在一個國內論壇上是這么說的
cd /usr/local/ssl/lib
ln -s libcrypto.so.0.9.7 libcrypto.so.2
ln -s libssl.so.0.9.7 libssl.so.2
//最后要刷新系統的動態連接庫配置
echo /usr/local/ssl/lib >> /etc/ld.so.conf
ldconfig -v
好了,以上便是Linux的ssl證書安裝教程,如有不懂,可咨詢我們的在線客服。
名稱欄目:Linux的ssl證書安裝教程
標題來源:http://vcdvsql.cn/news29/202479.html
成都網站建設公司_創新互聯,為您提供建站公司、面包屑導航、網站營銷、App開發、用戶體驗、ChatGPT
聲明:本網站發布的內容(圖片、視頻和文字)以用戶投稿、用戶轉載內容為主,如果涉及侵權請盡快告知,我們將會在第一時間刪除。文章觀點不代表本網站立場,如需處理請聯系客服。電話:028-86922220;郵箱:631063699@qq.com。內容未經允許不得轉載,或轉載時需注明來源: 創新互聯
猜你還喜歡下面的內容