Skip to content

Instantly share code, notes, and snippets.

@dmckeone

dmckeone/OpenSSLOnFreeBSD.md

Last active November 2, 2016 15:18
Show Gist options
  • Save dmckeone/e18e57f727d2b13ccc08d8d4b17c68ea to your computer and use it in GitHub Desktop.
Save dmckeone/e18e57f727d2b13ccc08d8d4b17c68ea to your computer and use it in GitHub Desktop.
Download ZIP
Keep OpenSSL updated on FreeBSD
Raw
OpenSSLOnFreeBSD.md

Based on: https://mebsd.com/freebsd-security-hardening/openssl-upgrade-freebsd.html

Update ports tree:

portsnap fetch update

(OPTIONAL) If the ports tree snapshot is corrupt you may need to rebuild it from scratch:

rm /var/db/portsnap/tag && rm -rf /var/db/portsnap/files && portsnap fetch extract

Edit /etc/make.conf and add:

DEFAULT_VERSIONS+=ssl=openssl

(ALTERNATIVE) Older versions of FreeBSD may use:

WITH_OPENSSL_PORT=yes

In basic configuration this results in an /etc/make.conf that looks like this:

WITH_PKGNG=yes
DEFAULT_VERSIONS+=ssl=openssl

(OPTIONAL) Install portupgrade if it's not yet installed

cd /usr/ports/ports-mgmt/portupgrade
make install clean BATCH=yes; rehash

Install OpenSSL

portupgrade -N security/openssl

Rebuild all packages associated with OpenSSL

portupgrade -Rrf security/openssl
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment