查看当前openssl 版本： which openssl

 

# openssl version

 

wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz

 安装openssl
  tar -zxvf openssl-1.0.1g.tar.gz
  cd openssl-1.0.1g

./config --prefix=/usr/local/openssl 

  make && make install

 设置openssl
  mv /usr/bin/openssl /usr/bin/openssl.OFF
  mv /usr/include/openssl /usr/include/openssl.OFF
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl

配置库文件搜索路径
 echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
 ldconfig -v

查看版本号：
# openssl version

升级nginx openssl
/usr/local/nginx/sbin/nginx  -V

tar -zxvf nginx-1.2.2.tar.gz
# cd nginx-1.2.2

 

 

 

2.3.修改加载openssl 方式：   重新编译nginx需要
# vi auto/lib/openssl/conf     需要修改的文件位于安装包源文件中  的  /auto/lib/openssl/conf 文件

CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
改为：
CORE_INCS="$CORE_INCS $OPENSSL/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libcrypto.a"
2.4.重新编译nginx
#./configure --user=www --group=www --prefix=/usr/local/nginx --with-google_perftools_module --with-http_stub_status_module --with-http_ssl_module --with-openssl=/usr/local/openssl --with-pcre=/tmp/soft/lnmp/pcre-8.31

 设定配置(注意,--with-openssl=/usr/local/openssl 这个为升级openssl时的路径)

或者

./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-openssl=/usr/local/openssl  --with-http_ssl_module --with-http_gzip_static_module --with-ipv6#make
2.5. 修改nginx

#cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.old
#cp ./objs/nginx /usr/local/nginx/sbin/

 

make upgrade