The elusive latest version of OpenSSL, we finally meet.

As everyone knows, CentOS does not always ship with the latest version of softwares. The core repo focuses more on stability rather than freshness.

We recently needed to update OpenSSL on a server with HTTP/2 enabled. The server has nginx setup to handle SSL connections, which it hands off to Varnish which further hands the request back to Apache w/ PHP-FPM.

Get the pre-requisites

Start off by changing your directory to /usr/src

Fetch the latest source for OpenSSL, at the time of writing it was 1.0.2k. Head over to this page to get the latest source

Extract

Step into the extracted folder

Run configure and install

At this point, it is best to backup the current OpenSSL binary file

Now link to the latest version so it is globally accessible

That should do it,  enter openssl version at shell to verify

OpenSSL version