source: archive/openssl.xml

trunk
Last change on this file was 3f2db3a6, checked in by Pierre Labastie <pierre.labastie@…>, 17 months ago

Remove sect1info tags

They only contain a date tag that is nowhere used.
  • Property mode set to 100644
File size: 8.7 KB
RevLine 
[52d29f7]1<?xml version="1.0" encoding="ISO-8859-1"?>
[6732c094]2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
[52d29f7]4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
[bbdb0d16]7 <!ENTITY openssl-download-http
[17f36b0]8 "https://openssl.org/source/openssl-&openssl-version;.tar.gz">
[bbdb0d16]9 <!ENTITY openssl-download-ftp
[17f36b0]10 "ftp://openssl.org/source/openssl-&openssl-version;.tar.gz">
[0e7a9e9]11 <!ENTITY openssl-md5sum "ba5f1b8b835b88cadbce9b35ed9531a6">
12 <!ENTITY openssl-size "5.2 MB">
13 <!ENTITY openssl-buildsize "73 MB (with tests)">
[a4f37269]14 <!ENTITY openssl-time "1.5 SBU (with tests)">
[52d29f7]15]>
16
[cef3a2f]17<sect1 id="openssl" xreflabel="OpenSSL-&openssl-version;">
[5a5bbbf]18 <?dbhtml filename="openssl.html"?>
19
20
21 <title>OpenSSL-&openssl-version;</title>
22
23 <indexterm zone="openssl">
24 <primary sortas="a-OpenSSL">OpenSSL</primary>
25 </indexterm>
26
27 <sect2 role="package">
28 <title>Introduction to OpenSSL</title>
29
[bbdb0d16]30 <para>
31 The <application>OpenSSL</application> package contains management tools
32 and libraries relating to cryptography. These are useful for providing
[45db70f]33 cryptographic functions to other packages, such as
[bbdb0d16]34 <application>OpenSSH</application>, email applications and web browsers
35 (for accessing HTTPS sites).
36 </para>
[5a5bbbf]37
[ce63bfd2]38 &lfs81_checked;
[aafcfb8]39
[5a5bbbf]40 <bridgehead renderas="sect3">Package Information</bridgehead>
41 <itemizedlist spacing="compact">
42 <listitem>
[bbdb0d16]43 <para>
44 Download (HTTP): <ulink url="&openssl-download-http;"/>
45 </para>
[5a5bbbf]46 </listitem>
47 <listitem>
[bbdb0d16]48 <para>
49 Download (FTP): <ulink url="&openssl-download-ftp;"/>
50 </para>
[5a5bbbf]51 </listitem>
52 <listitem>
[bbdb0d16]53 <para>
54 Download MD5 sum: &openssl-md5sum;
55 </para>
[5a5bbbf]56 </listitem>
57 <listitem>
[bbdb0d16]58 <para>
59 Download size: &openssl-size;
60 </para>
[5a5bbbf]61 </listitem>
62 <listitem>
[bbdb0d16]63 <para>
64 Estimated disk space required: &openssl-buildsize;
65 </para>
[5a5bbbf]66 </listitem>
67 <listitem>
[bbdb0d16]68 <para>
69 Estimated build time: &openssl-time;
70 </para>
[5a5bbbf]71 </listitem>
72 </itemizedlist>
73
[bbdb0d16]74 <para condition="html" role="usernotes">
75 User Notes: <ulink url='&blfs-wiki;/OpenSSL'/>
76 </para>
[5a5bbbf]77 </sect2>
78
79 <sect2 role="installation">
80 <title>Installation of OpenSSL</title>
81
[bbdb0d16]82 <para>
[d5d39eb]83 Install <application>OpenSSL</application> with the following commands:
[bbdb0d16]84 </para>
[5a5bbbf]85
[f82ac3f]86
[03da570f]87<screen><userinput>./config --prefix=/usr \
[c96921c]88 --openssldir=/etc/ssl \
[202d18d]89 --libdir=lib \
[c96921c]90 shared \
91 zlib-dynamic &amp;&amp;
[a4f37269]92make</userinput></screen>
[a181baeb]93
[bbdb0d16]94 <para>
[2f1d148]95 To test the results, issue: <command>make test</command>.
[bbdb0d16]96 </para>
97
98 <para>
99 If you want to disable installing the static libraries, use this sed:
100 </para>
[5a5bbbf]101
[a4f37269]102<screen><userinput>sed -i 's# libcrypto.a##;s# libssl.a##;/INSTALL_LIBS/s#libcrypto.a##' Makefile</userinput></screen>
[bbdb0d16]103
104 <para>
105 Now, as the <systemitem class="username">root</systemitem> user:
106 </para>
[5a5bbbf]107
[1faedf0]108<!-- dev note: make INSTALL_PREFIX=<DESTDIR> MANDIR=/usr/share/man MANSUFFIX=ssl install -->
109
[a4f37269]110<screen role="root"><userinput>make MANSUFFIX=ssl install &amp;&amp;
111mv -v /usr/share/doc/openssl{,-&openssl-version;} &amp;&amp;
112cp -vfr doc/* /usr/share/doc/openssl-&openssl-version;</userinput></screen>
[4c39aff]113
[5a5bbbf]114 </sect2>
115
116 <sect2 role="commands">
117 <title>Command Explanations</title>
118
[bbdb0d16]119 <para>
120 <parameter>shared</parameter>: This parameter forces the creation of
121 shared libraries along with the static libraries.
122 </para>
123
124 <para>
125 <parameter>zlib-dynamic</parameter>: This parameter adds
126 compression/decompression functionality using the
127 <filename class="libraryfile">libz</filename> library.
128 </para>
129
130 <para>
131 <option>no-rc5 no-idea</option>: When added to the
132 <command>./config</command> command, this will eliminate the building
133 of those encryption methods. Patent licenses may be needed for you to
134 utilize either of those methods in your projects.
135 </para>
136
137 <para>
[a4f37269]138 <command>make MANSUFFIX=ssl install</command>:
139 This command appends an "ssl" suffix to the manual page names to avoid
140 conflicts with manual pages installed by other packages.
[bbdb0d16]141 </para>
[4c39aff]142
[5a5bbbf]143 </sect2>
144
145 <sect2 role="configuration">
146 <title>Configuring OpenSSL</title>
147
148 <sect3 id="openssl-config">
149 <title>Config Files</title>
150
[bbdb0d16]151 <para>
[d5d39eb]152 <filename>/etc/ssl/openssl.cnf</filename>
[bbdb0d16]153 </para>
[5a5bbbf]154
155 <indexterm zone="openssl openssl-config">
156 <primary sortas="e-etc-ssl-openssl.cnf">/etc/ssl/openssl.cnf</primary>
157 </indexterm>
[4c39aff]158
[5a5bbbf]159 </sect3>
[d5d39eb]160
[5a5bbbf]161 <sect3>
162 <title>Configuration Information</title>
163
[bbdb0d16]164 <para>
165 Most users will want to install Certificate Authority Certificates
[5f91dfd]166 for validation of downloaded certificates. For example, these
[d5d39eb]167 certificates can be used by <xref linkend='git'/>,
168 <xref linkend='curl'/> or <xref linkend='wget'/> when accessing secure
169 (https protocol) sites. To do this, follow the instructions from the
170 <xref linkend='cacerts'/> page.
[0d7900a]171 </para>
[bbdb0d16]172
173 <para>
174 Users who just want to use <application>OpenSSL</application> for
175 providing functions to other programs such as
176 <application>OpenSSH</application> and web browsers do not need to worry
[f586237]177 about additional configuration. This is an advanced topic and those
[bbdb0d16]178 who do need it would normally be expected to either know how to properly
179 update <filename>/etc/ssl/openssl.cnf</filename> or be able to find out
180 how to do it.
181 </para>
[4c39aff]182
[5a5bbbf]183 </sect3>
[4c39aff]184
[5a5bbbf]185 </sect2>
186
187 <sect2 role="content">
188 <title>Contents</title>
189
190 <segmentedlist>
191 <segtitle>Installed Programs</segtitle>
192 <segtitle>Installed Libraries</segtitle>
193 <segtitle>Installed Directories</segtitle>
194
195 <seglistitem>
[bbdb0d16]196 <seg>
[4c39aff]197 c_rehash and openssl
[d5d39eb]198 </seg>
199 <seg>
[4de0151]200 libcrypto.{so,a} and libssl.{so,a}
[4c39aff]201 </seg>
202 <seg>
203 /etc/ssl,
204 /usr/include/openssl,
205 /usr/lib/engines and
206 /usr/share/doc/openssl-&openssl-version;
[bbdb0d16]207 </seg>
[5a5bbbf]208 </seglistitem>
209 </segmentedlist>
210
211 <variablelist>
212 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
213 <?dbfo list-presentation="list"?>
214 <?dbhtml list-presentation="table"?>
215
216 <varlistentry id="c_rehash">
217 <term><command>c_rehash</command></term>
218 <listitem>
[bbdb0d16]219 <para>
220 is a <application>Perl</application> script that scans all files in
221 a directory and adds symbolic links to their hash values.
222 </para>
[5a5bbbf]223 <indexterm zone="openssl c_rehash">
224 <primary sortas="b-c_rehash">c_rehash</primary>
225 </indexterm>
226 </listitem>
227 </varlistentry>
228
229 <varlistentry id="openssl-prog">
230 <term><command>openssl</command></term>
231 <listitem>
[bbdb0d16]232 <para>
233 is a command-line tool for using the various cryptography functions
234 of <application>OpenSSL</application>'s crypto library from the
235 shell. It can be used for various functions which are documented in
236 <command>man 1 openssl</command>.
237 </para>
[5a5bbbf]238 <indexterm zone="openssl openssl-prog">
239 <primary sortas="b-openssl">openssl</primary>
240 </indexterm>
241 </listitem>
242 </varlistentry>
243
244 <varlistentry id="libcrypto">
[4c39aff]245 <term><filename class="libraryfile">libcrypto.{so,a}</filename></term>
[5a5bbbf]246 <listitem>
[bbdb0d16]247 <para>
248 implements a wide range of cryptographic algorithms used in various
249 Internet standards. The services provided by this library are used
250 by the <application>OpenSSL</application> implementations of SSL,
251 TLS and S/MIME, and they have also been used to implement
252 <application>OpenSSH</application>,
253 <application>OpenPGP</application>, and other cryptographic
254 standards.
255 </para>
[5a5bbbf]256 <indexterm zone="openssl libcrypto">
[3597eb6]257 <primary sortas="c-libcrypto">libcrypto.{so,a}</primary>
[5a5bbbf]258 </indexterm>
259 </listitem>
260 </varlistentry>
261
262 <varlistentry id="libssl">
[4c39aff]263 <term><filename class="libraryfile">libssl.{so,a}</filename></term>
[5a5bbbf]264 <listitem>
[bbdb0d16]265 <para>
[d78194f3]266 implements the Transport Layer Security (TLS v1) protocol.
267 It provides a rich API, documentation
[bbdb0d16]268 on which can be found by running <command>man 3 ssl</command>.
269 </para>
[5a5bbbf]270 <indexterm zone="openssl libssl">
[3597eb6]271 <primary sortas="c-libssl">libssl.{so,a}</primary>
[5a5bbbf]272 </indexterm>
273 </listitem>
274 </varlistentry>
[4c39aff]275
[5a5bbbf]276 </variablelist>
[4c39aff]277
[5a5bbbf]278 </sect2>
[4c39aff]279
[f45b1953]280</sect1>
Note: See TracBrowser for help on using the repository browser.