I'm updating OpenSSL on my Mac OS X 10.8.5. I updated using the below commands and it seems to have succeeded.
wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz
tar xzf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./Configure darwin64-x86_64-cc
make all
sudo make install
However, when I do a "openssl version" I still get "OpenSSL 0.9.8y 5 Feb 2013" even though I just did a make install with 1.0.1g. Am I missing a step here?
However, when I do a "openssl version" I still get "OpenSSL 0.9.8y 5 Feb 2013" even though I just did a make install with 1.0.1g. Am I missing a step here?
The OpenSSL you built and installed is located in /usr/local/ssl
. The program openssl
is located in /usr/local/ssl/bin
, the headers are located in /usr/local/ssl/include/openssl
, and the libraries are located in /usr/local/ssl/lib
.
You are using the OpenSSL that came with Mac OS X in /usr/bin
:
$ find /usr -iname openssl
/usr/bin/openssl
...
You can examine the details of the OpenSSL you installed by using the full path:
$ /usr/local/ssl/darwin/bin/openssl version -a
OpenSSL 1.0.1g-fips 7 Apr 2014
built on: Fri Apr 11 10:23:53 EDT 2014
platform: darwin64-x86_64-cc
options: bn(64,64) rc4(ptr,char) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: cc -fPIC -fno-common -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN
-DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT
-DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -I/usr/local/ssl/fips-2.0/include -DSHA1_ASM
-DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/usr/local/ssl/darwin/ssl"
You can change the installation directory with the following:
export KERNEL_BITS=64
./config --openssldir=XXX
You can also tune the installation with the following. If you are on a modern Mac, I believe enable-ec_nistp_64_gcc_128
will give you a 2x to 4x speedup in EC operations (by using uint128_t
):
export KERNEL_BITS=64
./config shared no-ssl2 enable-ec_nistp_64_gcc_128 --openssldir=XXX
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.