Created
October 12, 2016 15:33
-
-
Save metavida/f6c1c345057cbd8e227922cdb6a45191 to your computer and use it in GitHub Desktop.
compile openssl for ruby
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The following instructions allowed me to isntall a custom version of OpenSSL | |
| # along-side any existing versions | |
| # and then re-compile ruby using rvm so that the custom OpenSSL was used. | |
| openssl_version='1.0.2j' | |
| # Get openssl | |
| cd ~root/src/ | |
| wget https://www.openssl.org/source/openssl-${openssl_version}.tar.gz | |
| sha256sum ~root/src/openssl-${openssl_version}.tar.gz | grep "$(curl -fsS https://www.openssl.org/source/openssl-${openssl_version}.tar.gz.sha256 2>&1 || echo FAILED)" || echo "V0FSTklORzogY2hlY2tzdW0gbWlzbWF0Y2guIFBsZWFzZSBTVE9QIQo=" | base64 --decode | |
| tar -xvf openssl-${openssl_version}.tar.gz | |
| # Compile openssl | |
| cd ~root/src/openssl-${openssl_version} | |
| CFLAGS=-fPIC ./config shared no-ssl2 no-ssl3 --prefix=/usr/local/lib/openssl-${openssl_version} | |
| make depend | |
| make | |
| make install | |
| # Reinstall all ruby versions that you want to use this version | |
| rvm reinstall 2.3.1 --with-openssl-dir=/usr/local/lib/openssl-${openssl_version} | |
| # confirm everything worked | |
| rvm 2.3.1 do ruby -ropenssl -e "puts OpenSSL::PKey::EC" | |
| rvm 2.3.1 do ruby -ropenssl -ropen-uri -e "open('https://google.com') && puts('success')" | |
| # Note: On our CentOS 5.5 servers, I had to add this line to /etc/profile | |
| # in order to allow ruby to correctly verify SSL certificates | |
| export SSL_CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment