%general-entities; ]> $LastChangedBy$ $Date$ OpenSSL The OpenSSL package contains management tools and libraries relating to cryptography. These are useful for providing cryptographic functions to other packages, such as OpenSSH, email applications and web browsers (for accessing HTTPS sites). &lfs7a_checked; Package Information Download (HTTP): Download (FTP): Download MD5 sum: &openssl-md5sum; Download size: &openssl-size; Estimated disk space required: &openssl-buildsize; Estimated build time: &openssl-time; OpenSSL Dependencies Optional User Notes: Install OpenSSL with the following commands: ./config --prefix=/usr \ --openssldir=/etc/ssl \ --libdir=lib \ shared \ zlib-dynamic && make depend && make To test the results, issue: make -j1 test. The test suite does not support parallel jobs. If you want to disable installing the static libraries, use this sed: sed -i 's# libcrypto.a##;s# libssl.a##' Makefile Now, as the root user: make MANDIR=/usr/share/man MANSUFFIX=ssl install && install -dv -m755 /usr/share/doc/openssl-&openssl-version; && cp -vfr doc/* /usr/share/doc/openssl-&openssl-version; shared: This parameter forces the creation of shared libraries along with the static libraries. zlib-dynamic: This parameter adds compression/decompression functionality using the libz library. no-rc5 no-idea: When added to the ./config command, this will eliminate the building of those encryption methods. Patent licenses may be needed for you to utilize either of those methods in your projects. make MANDIR=/usr/share/man MANSUFFIX=ssl install: This command installs OpenSSL with the man pages in /usr/share/man instead of /etc/ssl/man and appends "ssl" suffix to the manual page names to avoid conflicts with manual pages installed by other packages. /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf Most users will want to install Certificate Authority Certificates for validation of downloaded certificates. For example, these certificates can be used by , or when accessing secure (https protocol) sites. To do this, follow the instructions from the page. Users who just want to use OpenSSL for providing functions to other programs such as OpenSSH and web browsers do not need to worry about additional configuration. This is an advanced topic and those who do need it would normally be expected to either know how to properly update /etc/ssl/openssl.cnf or be able to find out how to do it. Installed Programs Installed Libraries Installed Directories c_rehash and openssl libcrypto.{so,a} and libssl.{so,a} /etc/ssl, /usr/include/openssl, /usr/lib/engines and /usr/share/doc/openssl-&openssl-version; Short Descriptions c_rehash is a Perl script that scans all files in a directory and adds symbolic links to their hash values. c_rehash openssl is a command-line tool for using the various cryptography functions of OpenSSL's crypto library from the shell. It can be used for various functions which are documented in man 1 openssl. openssl libcrypto.{so,a} implements a wide range of cryptographic algorithms used in various Internet standards. The services provided by this library are used by the OpenSSL implementations of SSL, TLS and S/MIME, and they have also been used to implement OpenSSH, OpenPGP, and other cryptographic standards. libcrypto.{so,a} libssl.{so,a} implements the Transport Layer Security (TLS v1) protocol. It provides a rich API, documentation on which can be found by running man 3 ssl. libssl.{so,a}