OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.

OpenSSL is used by many programs like Apache Web server, PHP, and many others providing support for various cryptographic algorithms such as ciphers (AES, Blowfish, DES, IDEA etc.), and cryptographic hash functions (MD5, MD4, SHA-1, SHA-2 etc.)

In this guide, we are going to install the latest version of OpenSSL on Ubuntu 16.04/18.04.

Deploying your cloud server
If you have not already registered with Cloudwafer, you should begin by getting signed up. Take a moment to create an account after which you can easily deploy your own cloud servers.

Once you have signed up, log into your Cloudwafer Client Area with the password provided in your mail and deploy your Cloudwafer cloud server.

Updating System Packages
It is always recommended that you update the system to the latest packages before beginning any major installations. This is done with the command below:

sudo apt-get update && sudo apt-get upgrade

Before we begin our installation, you can check the version of OpenSSL installed on your server by issuing the command below:

openssl version -a

Step 1: Install the necessary packages for compiling
Issue the command below to install the necessary packages for compilation:

sudo apt install build-essential checkinstall zlib1g-dev -y

Step 2: Download OpenSSL
Next, we are going to download OpenSSL from the source (getting the latest version which at the time of writing this guide, the latest stable version is the 1.1.1 series).

cd /usr/local/src/
sudo wget https://www.openssl.org/source/openssl-1.1.1c.tar.gz

Next, extract the downloaded file using the command below:

sudo tar -xf openssl-1.1.1c.tar.gz

Next, navigate to the extracted directory.

cd openssl-1.1.1c

Step 3: Install OpenSSL
We are now going to install the latest version of OpenSSL which we downloaded using the command below:

sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib

sudo make
sudo make test
sudo make install

Step 4: Configure OpenSSL Shared Libraries
Naviagate to the /etc/ld.so.conf.d directory and create a new configuration file 'openssl-1.1.1c.conf'.

cd /etc/ld.so.conf.d/
sudo nano openssl-1.1.1c.conf

Enter the following:

/usr/local/ssl/lib

Ensure to save before you exit.

Next, reload the dynamic link by issuing the command below:

sudo ldconfig -v

Step 5: Configure OpenSSL Binary
In our final configuration, we are going to insert the binary of our new version of OpenSSL installed (located at /usr/local/ssl/bin/openssl) to replace the default openssl binary (located at /usr/bin/openssl or /bin/openssl).

First, carry out a backup of the binary files.

sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup
sudo mv /usr/bin/openssl /usr/bin/openssl.backup

Next, edit the /etc/environment file using vim.

sudo nano /etc/environment

Insert the following:

PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/ssl/bin"

Ensure to save before you exit.

Next, reload the OpenSSL environment and check the PATH bin directory using commands below:

source /etc/environment
echo $PATH

We can now check and verify our installation of the latest stable version of OpenSSL using the command below:

 which openssl
 openssl version -a