source: archive/openssl.xml

trunk
Last change on this file was 45ab6c7, checked in by Xi Ruoyao <xry111@…>, 3 months ago

more SVN prop clean up

Remove "$LastChanged$" everywhere, and also some unused $Date$

  • Property mode set to 100644
File size: 8.8 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY openssl-download-http
8 "https://openssl.org/source/openssl-&openssl-version;.tar.gz">
9 <!ENTITY openssl-download-ftp
10 "ftp://openssl.org/source/openssl-&openssl-version;.tar.gz">
11 <!ENTITY openssl-md5sum "ba5f1b8b835b88cadbce9b35ed9531a6">
12 <!ENTITY openssl-size "5.2 MB">
13 <!ENTITY openssl-buildsize "73 MB (with tests)">
14 <!ENTITY openssl-time "1.5 SBU (with tests)">
15]>
16
17<sect1 id="openssl" xreflabel="OpenSSL-&openssl-version;">
18 <?dbhtml filename="openssl.html"?>
19
20 <sect1info>
21 <date>$Date$</date>
22 </sect1info>
23
24 <title>OpenSSL-&openssl-version;</title>
25
26 <indexterm zone="openssl">
27 <primary sortas="a-OpenSSL">OpenSSL</primary>
28 </indexterm>
29
30 <sect2 role="package">
31 <title>Introduction to OpenSSL</title>
32
33 <para>
34 The <application>OpenSSL</application> package contains management tools
35 and libraries relating to cryptography. These are useful for providing
36 cryptographic functions to other packages, such as
37 <application>OpenSSH</application>, email applications and web browsers
38 (for accessing HTTPS sites).
39 </para>
40
41 &lfs81_checked;
42
43 <bridgehead renderas="sect3">Package Information</bridgehead>
44 <itemizedlist spacing="compact">
45 <listitem>
46 <para>
47 Download (HTTP): <ulink url="&openssl-download-http;"/>
48 </para>
49 </listitem>
50 <listitem>
51 <para>
52 Download (FTP): <ulink url="&openssl-download-ftp;"/>
53 </para>
54 </listitem>
55 <listitem>
56 <para>
57 Download MD5 sum: &openssl-md5sum;
58 </para>
59 </listitem>
60 <listitem>
61 <para>
62 Download size: &openssl-size;
63 </para>
64 </listitem>
65 <listitem>
66 <para>
67 Estimated disk space required: &openssl-buildsize;
68 </para>
69 </listitem>
70 <listitem>
71 <para>
72 Estimated build time: &openssl-time;
73 </para>
74 </listitem>
75 </itemizedlist>
76
77 <para condition="html" role="usernotes">
78 User Notes: <ulink url='&blfs-wiki;/OpenSSL'/>
79 </para>
80 </sect2>
81
82 <sect2 role="installation">
83 <title>Installation of OpenSSL</title>
84
85 <para>
86 Install <application>OpenSSL</application> with the following commands:
87 </para>
88
89
90<screen><userinput>./config --prefix=/usr \
91 --openssldir=/etc/ssl \
92 --libdir=lib \
93 shared \
94 zlib-dynamic &amp;&amp;
95make</userinput></screen>
96
97 <para>
98 To test the results, issue: <command>make test</command>.
99 </para>
100
101 <para>
102 If you want to disable installing the static libraries, use this sed:
103 </para>
104
105<screen><userinput>sed -i 's# libcrypto.a##;s# libssl.a##;/INSTALL_LIBS/s#libcrypto.a##' Makefile</userinput></screen>
106
107 <para>
108 Now, as the <systemitem class="username">root</systemitem> user:
109 </para>
110
111<!-- dev note: make INSTALL_PREFIX=<DESTDIR> MANDIR=/usr/share/man MANSUFFIX=ssl install -->
112
113<screen role="root"><userinput>make MANSUFFIX=ssl install &amp;&amp;
114mv -v /usr/share/doc/openssl{,-&openssl-version;} &amp;&amp;
115cp -vfr doc/* /usr/share/doc/openssl-&openssl-version;</userinput></screen>
116
117 </sect2>
118
119 <sect2 role="commands">
120 <title>Command Explanations</title>
121
122 <para>
123 <parameter>shared</parameter>: This parameter forces the creation of
124 shared libraries along with the static libraries.
125 </para>
126
127 <para>
128 <parameter>zlib-dynamic</parameter>: This parameter adds
129 compression/decompression functionality using the
130 <filename class="libraryfile">libz</filename> library.
131 </para>
132
133 <para>
134 <option>no-rc5 no-idea</option>: When added to the
135 <command>./config</command> command, this will eliminate the building
136 of those encryption methods. Patent licenses may be needed for you to
137 utilize either of those methods in your projects.
138 </para>
139
140 <para>
141 <command>make MANSUFFIX=ssl install</command>:
142 This command appends an "ssl" suffix to the manual page names to avoid
143 conflicts with manual pages installed by other packages.
144 </para>
145
146 </sect2>
147
148 <sect2 role="configuration">
149 <title>Configuring OpenSSL</title>
150
151 <sect3 id="openssl-config">
152 <title>Config Files</title>
153
154 <para>
155 <filename>/etc/ssl/openssl.cnf</filename>
156 </para>
157
158 <indexterm zone="openssl openssl-config">
159 <primary sortas="e-etc-ssl-openssl.cnf">/etc/ssl/openssl.cnf</primary>
160 </indexterm>
161
162 </sect3>
163
164 <sect3>
165 <title>Configuration Information</title>
166
167 <para>
168 Most users will want to install Certificate Authority Certificates
169 for validation of downloaded certificates. For example, these
170 certificates can be used by <xref linkend='git'/>,
171 <xref linkend='curl'/> or <xref linkend='wget'/> when accessing secure
172 (https protocol) sites. To do this, follow the instructions from the
173 <xref linkend='cacerts'/> page.
174 </para>
175
176 <para>
177 Users who just want to use <application>OpenSSL</application> for
178 providing functions to other programs such as
179 <application>OpenSSH</application> and web browsers do not need to worry
180 about additional configuration. This is an advanced topic and those
181 who do need it would normally be expected to either know how to properly
182 update <filename>/etc/ssl/openssl.cnf</filename> or be able to find out
183 how to do it.
184 </para>
185
186 </sect3>
187
188 </sect2>
189
190 <sect2 role="content">
191 <title>Contents</title>
192
193 <segmentedlist>
194 <segtitle>Installed Programs</segtitle>
195 <segtitle>Installed Libraries</segtitle>
196 <segtitle>Installed Directories</segtitle>
197
198 <seglistitem>
199 <seg>
200 c_rehash and openssl
201 </seg>
202 <seg>
203 libcrypto.{so,a} and libssl.{so,a}
204 </seg>
205 <seg>
206 /etc/ssl,
207 /usr/include/openssl,
208 /usr/lib/engines and
209 /usr/share/doc/openssl-&openssl-version;
210 </seg>
211 </seglistitem>
212 </segmentedlist>
213
214 <variablelist>
215 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
216 <?dbfo list-presentation="list"?>
217 <?dbhtml list-presentation="table"?>
218
219 <varlistentry id="c_rehash">
220 <term><command>c_rehash</command></term>
221 <listitem>
222 <para>
223 is a <application>Perl</application> script that scans all files in
224 a directory and adds symbolic links to their hash values.
225 </para>
226 <indexterm zone="openssl c_rehash">
227 <primary sortas="b-c_rehash">c_rehash</primary>
228 </indexterm>
229 </listitem>
230 </varlistentry>
231
232 <varlistentry id="openssl-prog">
233 <term><command>openssl</command></term>
234 <listitem>
235 <para>
236 is a command-line tool for using the various cryptography functions
237 of <application>OpenSSL</application>'s crypto library from the
238 shell. It can be used for various functions which are documented in
239 <command>man 1 openssl</command>.
240 </para>
241 <indexterm zone="openssl openssl-prog">
242 <primary sortas="b-openssl">openssl</primary>
243 </indexterm>
244 </listitem>
245 </varlistentry>
246
247 <varlistentry id="libcrypto">
248 <term><filename class="libraryfile">libcrypto.{so,a}</filename></term>
249 <listitem>
250 <para>
251 implements a wide range of cryptographic algorithms used in various
252 Internet standards. The services provided by this library are used
253 by the <application>OpenSSL</application> implementations of SSL,
254 TLS and S/MIME, and they have also been used to implement
255 <application>OpenSSH</application>,
256 <application>OpenPGP</application>, and other cryptographic
257 standards.
258 </para>
259 <indexterm zone="openssl libcrypto">
260 <primary sortas="c-libcrypto">libcrypto.{so,a}</primary>
261 </indexterm>
262 </listitem>
263 </varlistentry>
264
265 <varlistentry id="libssl">
266 <term><filename class="libraryfile">libssl.{so,a}</filename></term>
267 <listitem>
268 <para>
269 implements the Transport Layer Security (TLS v1) protocol.
270 It provides a rich API, documentation
271 on which can be found by running <command>man 3 ssl</command>.
272 </para>
273 <indexterm zone="openssl libssl">
274 <primary sortas="c-libssl">libssl.{so,a}</primary>
275 </indexterm>
276 </listitem>
277 </varlistentry>
278
279 </variablelist>
280
281 </sect2>
282
283</sect1>
Note: See TracBrowser for help on using the repository browser.