How to install OpenSSL in Ubuntu? [SOLVED]
OpenSSL is an open source software library for applications that protect against eavesdropping on communications over computer networks or the need to identify the other party. It is widely used by Internet servers, including most HTTPS websites.
In this article we will tell you how to install OpenSSL on Ubuntu 22.04.
In this article, both the installation from the repository and the installation steps from the source code will be explained.
Method-1: Install From Repository
Ubuntu has OpenSSL installed most of the time:
foc@ubuntu22:~$ dpkg -l | grep openssl ii openssl 3.0.2-0ubuntu1.6 amd64 Secure Sockets Layer toolkit - cryptographic utility If it is not installed, first start by updating the package list:
foc@ubuntu22:~$ sudo apt update -y Then install openssl package:
foc@ubuntu22:~$ sudo apt install openssl -y Package version after installation:
foc@ubuntu22:~$ openssl version OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
Installation was successful completed.
Method-2: Install From Source Code
Before the installation update the packages list:
foc@ubuntu22:~$ sudo apt update -y foc@ubuntu22:~$ sudo apt install build-essential checkinstall zlib1g-dev -y Go to the official website and right click on the download link and copy the link:
![How to install OpenSSL in Ubuntu? [SOLVED]](https://www.golinuxcloud.com/wp-content/uploads/Screenshot-from-2022-12-11-15-06-29.jpg)
Download the compressed file with the wget command:
foc@ubuntu22:~$ sudo wget https://www.openssl.org/source/openssl-3.1.0-alpha1.tar.gz --2022-12-11 11:37:46-- https://www.openssl.org/source/openssl-3.1.0-alpha1.tar.gz Resolving www.openssl.org (www.openssl.org). 104.70.110.18, 2a02:26f0:cb00:1a0::c1e, 2a02:26f0:cb00:186::c1e Connecting to www.openssl.org (www.openssl.org)|104.70.110.18|:443. connected. HTTP request sent, awaiting response. 200 OK Length: 15343477 (15M) [application/x-gzip] Saving to: ‘openssl-3.1.0-alpha1.tar.gz’ openssl-3.1.0-alp 100%[=============>] 14.63M 1.84MB/s in 6.6s 2022-12-11 11:37:53 (2.21 MB/s) - ‘openssl-3.1.0-alpha1.tar.gz’ saved [15343477/15343477] Then unzip the compressed file, move it to /usr/local/src :
foc@ubuntu22:~$ sudo tar -xzvf openssl-3.1.0-alpha1.tar.gz -C /usr/local/src/ && sudo mv /usr/local/src/openssl-3.1.0-alpha1/* /usr/local/src Switch to /usr/local/src/ directory:
foc@ubuntu22:~$ cd /usr/local/src/ Run the following command to start compiling:
foc@ubuntu22:/usr/local/src$ sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib Configuring OpenSSL version 3.1.0-alpha1 for target linux-x86_64 Using os-specific seed configuration Created configdata.pm Running configdata.pm Created Makefile.in Created Makefile Created include/openssl/configuration.h ********************************************************************** *** *** *** OpenSSL has been successfully configured *** *** *** *** If you encounter a problem while building, please open an *** *** issue on GitHub *** *** and include the output from the following command: *** *** *** *** perl configdata.pm --dump *** *** *** *** (If you are new to OpenSSL, you might want to consult the *** *** 'Troubleshooting' section in the INSTALL.md file first) *** *** *** ********************************************************************** Then run «make» and «make test»
foc@ubuntu22:/usr/local/src$ sudo make && sudo make test If Result: Pass, you can continue the installation with the «make install» command.
foc@ubuntu22:/usr/local/src$ sudo make install If you have successfully installed OpenSSL, configure the library directory. OpenSSL will look for the file in the ‘ /usr/local/ssl/lib ‘ directory. We will add a file to the ld.so.conf.d directory under the /etc directory and make it reach the ‘ /usr/local/src/ssl ‘ files.
foc@ubuntu22:/usr/local/src$ cd /etc/ld.so.conf.d/ foc@ubuntu22:/etc/ld.so.conf.d$ sudo nano openssl-3.1.0.conf
Create necessary links and cache for newly added libraries with ldconfig :
foc@ubuntu22:/etc/ld.so.conf.d$ sudo ldconfig -v /usr/local/ssl/lib64: (from /etc/ld.so.conf.d/openssl-3.1.0.conf:1) libcrypto.so.3 -> libcrypto.so.3 libssl.so.3 -> libssl.so.3
Backup and remove OpenSSL files located in /usr/bin/openssl or /bin/openssl so you can use them again in case of problems.
foc@ubuntu22:/etc/ld.so.conf.d$ sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup foc@ubuntu22:/etc/ld.so.conf.d$ sudo mv /usr/bin/openssl /usr/bin/openssl.backup
Add the PATH of the new openssl version:
foc@ubuntu22:/etc/ld.so.conf.d$ export PATH="/usr/local/ssl/bin:$PATH" foc@ubuntu22:/etc/ld.so.conf.d$ source ~/.bashrc
View the new OpenSSL version:
foc@ubuntu22:/etc/ld.so.conf.d$ openssl version OpenSSL 3.1.0-alpha1 1 Dec 2022 (Library: OpenSSL 3.1.0-alpha1 1 Dec 2022)
Generating a Sample SSL Certificate
Create a claim for the certificate to be generated:
foc@ubuntu22:~$ openssl genrsa -des3 -passout pass:x -out server.pass.key 2048 Extract the encrypted key:
foc@ubuntu22:~$ openssl rsa -passin pass:x -in server.pass.key -out server.key writing RSA key foc@ubuntu22:~$ openssl req -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:TR State or Province Name (full name) [Some-State]:Ankara Locality Name (eg, city) []:Cankaya Organization Name (eg, company) [Internet Widgits Pty Ltd]:GolinuxCloud Organizational Unit Name (eg, section) []:Technology Common Name (e.g. server FQDN or YOUR name) []:golinuxcloud Email Address []:foc@golinuxcloud.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:Password@1 An optional company name []:Password@1 Then create the certificate:
foc@ubuntu22:~$ openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt Certificate request self-signature ok subject=C = TR, ST = Ankara, L = Cankaya, O = GolinuxCloud, OU = Technology, CN = golinuxcloud, emailAddress = foc@golinuxcloud.com
foc@ubuntu22:~$ ls -l -rw-rw-r-- 1 foc foc 1350 Dec 11 12:04 server.crt -rw-rw-r-- 1 foc foc 1143 Dec 11 12:04 server.csr -rw------- 1 foc foc 1704 Dec 11 12:01 server.key -rw------- 1 foc foc 1854 Dec 11 12:00 server.pass.key
Summary
We explained how to install OpenSSL on Ubuntu with 2 different methods. If there is no reason, it is recommended to install from the Ubuntu repository.
After the installation, we talked about creating a certificate in a simple way. For more, we share the links below.
What is NEXT?
References
Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud
If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.
For any other feedbacks or questions you can either use the comments section or contact me form.
Thank You for your support!!