前言
Openssl是是一个安全套接字层密码库,包括主要的密码算法、密钥、证书封装管理功能及实现ssl协议。
Openssl由密码算法库、ssl协议库、应用程序命令工具3部分组成。
Openssl 1.1.1在2023年9月11日结束支持了,并推出了3.0版本,支持到 2025年11月23日,故需要升级Openssl。
第一步
下载安装包
nginx地址:https://nginx.org/
zilb地址:https://www.zlib.net/
pcre地址:https://www.pcre.org/
openssl地址:https://www.openssl.org/
第二步
解压文件
tar zxvf nginx-1.24.0.tar.gz
tar zxvf openssl-3.2.1.tar.gz
tar zxvf pcre-8.45.tar.gz
tar xvf zlib-1.3.1.tar.xz
第三步
进入nginx 文件中
cd nginx-1.24.0
执行
./configure –prefix=/usr/local/nginx –with-openssl=../openssl-3.2.1 –with-pcre=../pcre-8.45 –with-zlib=../zlib-1.3.1 –with-http_ssl_module –with-http_stub_status_module –with-http_realip_module –with-http_auth_request_module –with-http_v2_module –with-http_dav_module –with-http_slice_module –with-threads –with-http_addition_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_sub_module –with-stream_ssl_module –with-stream_ssl_preread_module –with-mail_ssl_module
然后执行make
可能会报错
Can’t locate IPC/Cmd.pm in @INC (@INC contains: /usr/local/src/openssl-3.2.1/util/perl /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 . /usr/local/src/openssl-3.2.1/external/perl/Text-Template-1.56/lib) at /usr/local/src/openssl-3.2.1/util/perl/OpenSSL/config.pm line 19.
BEGIN failed–compilation aborted at /usr/local/src/openssl-3.2.1/util/perl/OpenSSL/config.pm line 19.
Compilation failed in require at /usr/local/src/openssl-3.2.1/Configure line 23.
BEGIN failed–compilation aborted at /usr/local/src/openssl-3.2.1/Configure line 23.
make[1]: *** [../openssl-3.2.1/.openssl/include/openssl/ssl.h] Error 2
make[1]: Leaving directory `/usr/local/src/nginx-1.24.0′
make: *** [build] Error 2
BEGIN failed–compilation aborted at /usr/local/src/openssl-3.2.1/util/perl/OpenSSL/config.pm line 19.
Compilation failed in require at /usr/local/src/openssl-3.2.1/Configure line 23.
BEGIN failed–compilation aborted at /usr/local/src/openssl-3.2.1/Configure line 23.
make[1]: *** [../openssl-3.2.1/.openssl/include/openssl/ssl.h] Error 2
make[1]: Leaving directory `/usr/local/src/nginx-1.24.0′
make: *** [build] Error 2
解决办法
第一步 执行 yum install -y perl-CPAN
第二步 执行 perl -MCPAN -e shell
第三步 在cpan 终端中执行
首次进入需要下载文件
Would you like to configure as much as possible automatically? [yes] 输入yes然后不停的回车
直到出现cpan[1]>的时候
在cpan[1]> 输入 install IPC/Cmd.pm
回车。yes 的输入
直到 出现
IPC::Cmd is up to date (1.04).
则安装成功
第四步
执行make
第五步
替换文件并验证
使用./nginx -V
出现如下则升级成功
nginx version: nginx/1.24.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 3.2.1 30 Jan 2024
TLS SNI support enabled
configure arguments: –prefix=/usr/local/nginx –with-openssl=../openssl-3.2.1 –with-pcre=../pcre-8.45 –with-zlib=../zlib-1.3.1 –with-http_ssl_module –with-
http_stub_status_module –with-http_realip_module –with-http_auth_request_module –with-http_v2_module –with-http_dav_module –with-http_slice_module –with-t
hreads –with-http_addition_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_sub_module –with-stream_ssl_module –with-stream_ssl_pr
eread_module –with-mail_ssl_module
后将nginx-1.24.0/objs 中的可执行文件nginx替换安装路径路径中的文件
第六步
验证
输入 nginx -V
nginx version: nginx/1.24.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 3.2.1 30 Jan 2024
TLS SNI support enabled
configure arguments: –prefix=/usr/local/nginx –with-openssl=../openssl-3.2.1 –with-pcre=../pcre-8.45 –with-zlib=../zlib-1.3.1 –with-http_ssl_module –with-
http_stub_status_module –with-http_realip_module –with-http_auth_request_module –with-http_v2_module –with-http_dav_module –with-http_slice_module –with-t
hreads –with-http_addition_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_sub_module –with-stream_ssl_module –with-stream_ssl_pr
eread_module –with-mail_ssl_module