Skip to content
This repository has been archived by the owner on Dec 30, 2020. It is now read-only.

Install custom OpenSSL and Ruby on CentOS 5 host

Jump to bottom
William Johnston edited this page Mar 30, 2016 · 10 revisions

Note: This tutorial assumes some basic knowledge of how to build apps from source. Proceed at your own risk.

Download OpenSSL from https://www.openssl.org/source/. Then build it and install it in ~/opt.

It is recommended that you run these commands inside a screen or tmux session in case your login crashes.

mkdir ~/build
mkdir ~/opt
cd ~/build
wget https://www.openssl.org/source/openssl-1.0.2g.tar.gz
tar -zxvf openssl-1.0.2g.tar.gz
cd openssl-1.0.2g
./config --prefix=~/opt shared enable-ec enable-ecdh enable-ecdsa
make depend
make
make install

Add the following to your .bash_profile:

export LD_LIBRARY_PATH="$HOME/opt/lib/"
export PATH="$HOME/opt/bin:$PATH"
# For RBenv build.
export TMPDIR="$HOME/tmp"

Restart your shell (tmux/screen session or log out and back in). Then run:

PKG_CONFIG_PATH="$HOME/opt/lib/pkgconfig/" RUBY_CONFIGURE_OPTS="--with-openssl --with-opt-dir=$HOME/opt --with-openssl-dir=$HOME/opt" rbenv install 2.2.4

Ruby 2.3.0 is too new to build on the older toolchain.

To test whether you have been successful, run:

rbenv local 2.2.4
ruby -ropenssl -e "puts OpenSSL::PKey::EC"

It should respond with "OpenSSL::PKey::EC".

Then proceed with the Readme using rbenv with Ruby 2.2.4.

The CentOS 5 boxes do not have a new enough certificate store, so you will need to do the following to successfully retrieve a certificate:

cd ~
wget http://curl.haxx.se/ca/cacert.pem
SSL_CERT_FILE=~/cacert.pem letsencrypt_webfaction [remainder of arguments]
Clone this wiki locally