Centos curl ssl 替换 NSS 为 OpenSSL

系统版本是 Centos 6/7 64位。

1、先安装常用的开发环境。

yum groupinstall Development tools

2、编译OpenSSL

1.下载 OpenSSL：

wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz

2.解压 OpenSSL：

tar -xzvf openssl-1.0.2l.tar.gz

3.进入 OpenSSL目录：

cd openssl-1.0.2l

4.配置并编译 OpenSSL：

./config –shared
make && make install

3、编译配置curl

1.下载 curl 库：

wget https://curl.haxx.se/download/curl-7.55.1.tar.gz

2.解压 curl 库：

tar -xzvf curl-7.55.1.tar.gz

3.进入 curl 目录：

cd curl-7.55.1

4.设置动态库路径:

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/ssl/lib

5.配置并编译 curl：

./configure –prefix=/usr/local/curl/ –without-nss –with-ssl=/usr/local/ssl/
make && make install

6.备份默认的 curl 二进制文件

mv /usr/bin/curl /usr/bin/curl.bak

7.做一个新的 curl 软链

ln -s /usr/local/curl/bin/curl /usr/bin/curl

总体的替换到此就完成，可以执行 curl –version 来进行确认。下边是我执行的结果：

curl 7.55.1 (x86_64-pc-linux-gnu) libcurl/7.55.1 OpenSSL/1.0.2l
Release-Date: 2017-08-14
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IPv6 Largefile NTLM NTLM_WB SSL TLS-SRP UnixSockets HTTPS-proxy

CentOs 6 64 Bit系统操作实例：

# curl -V

curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2

Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp

Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

# curl https://curl.haxx.se/download/curl-7.69.1.tar.gz

# tar zxvf curl-7.69.1.tar.gz

# cd curl-7.69.1

# ./configure –prefix=/usr/local/curl/ –without-nss –with-ssl

# make && make install

# /usr/local/curl/bin/curl -V

curl 7.69.1 (x86_64-pc-linux-gnu) libcurl/7.69.1 OpenSSL/1.0.1e-fips zlib/1.2.3

Release-Date: 2020-03-11

Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp

Features: AsynchDNS HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL UnixSockets

# ldd /usr/local/curl/bin/curl

linux-vdso.so.1 => (0x00007ffd0c5bf000)

libcurl.so.4 => /usr/local/curl/lib/libcurl.so.4 (0x00007f6513ab3000)

libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007f6513837000)

libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007f6513454000)

libz.so.1 => /lib64/libz.so.1 (0x00007f651323e000)

librt.so.1 => /lib64/librt.so.1 (0x00007f6513035000)

libc.so.6 => /lib64/libc.so.6 (0x00007f6512ca1000)

libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007f6512a5d000)

libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007f6512776000)

libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007f6512572000)

libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007f6512346000)

libdl.so.2 => /lib64/libdl.so.2 (0x00007f6512141000)

libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f6511f24000)

/lib64/ld-linux-x86-64.so.2 (0x0000564ebdb90000)

libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007f6511d19000)

libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007f6511b15000)

libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f65118fb000)

libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f65116db000)

而此时，系统的

# curl -V

curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2

Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp

Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

# ldd /usr/bin/curl

linux-vdso.so.1 => (0x00007ffde3fec000)

libcurl.so.4 => /usr/lib64/libcurl.so.4 (0x00007fcbc9064000)

libidn.so.11 => /lib64/libidn.so.11 (0x00007fcbc8e32000)

libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00007fcbc8be1000)

librt.so.1 => /lib64/librt.so.1 (0x00007fcbc89d9000)

libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fcbc8795000)

libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fcbc84ae000)

libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fcbc8282000)

libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fcbc807e000)

libssl3.so => /usr/lib64/libssl3.so (0x00007fcbc7e3e000)

libsmime3.so => /usr/lib64/libsmime3.so (0x00007fcbc7c12000)

libnss3.so => /usr/lib64/libnss3.so (0x00007fcbc78d3000)

libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007fcbc76a6000)

libplds4.so => /lib64/libplds4.so (0x00007fcbc74a2000)

libplc4.so => /lib64/libplc4.so (0x00007fcbc729d000)

libnspr4.so => /lib64/libnspr4.so (0x00007fcbc705e000)

libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fcbc6e41000)

libdl.so.2 => /lib64/libdl.so.2 (0x00007fcbc6c3d000)

libssh2.so.1 => /usr/lib64/libssh2.so.1 (0x00007fcbc6a14000)

libz.so.1 => /lib64/libz.so.1 (0x00007fcbc67fe000)

libc.so.6 => /lib64/libc.so.6 (0x00007fcbc646a000)

liblber-2.4.so.2 => /lib64/liblber-2.4.so.2 (0x00007fcbc625a000)

libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fcbc6040000)

libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007fcbc5e26000)

/lib64/ld-linux-x86-64.so.2 (0x000055a80dede000)

libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fcbc5c1a000)

libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fcbc5a17000)

libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007fcbc57aa000)

libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007fcbc53c7000)

libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fcbc5190000)

libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fcbc4f70000)

libfreebl3.so => /lib64/libfreebl3.so (0x00007fcbc4cf7000)

# ldd /usr/bin/curl

linux-vdso.so.1 => (0x00007ffd715e1000)

libcurl.so.4 => /usr/lib64/libcurl.so.4 (0x00007efcd84af000)

libidn.so.11 => /lib64/libidn.so.11 (0x00007efcd827d000)

libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00007efcd802c000)

librt.so.1 => /lib64/librt.so.1 (0x00007efcd7e24000)

libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007efcd7be0000)

libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007efcd78f9000)

libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007efcd76cd000)

libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007efcd74c9000)

libssl3.so => /usr/lib64/libssl3.so (0x00007efcd7289000)

libsmime3.so => /usr/lib64/libsmime3.so (0x00007efcd705d000)

libnss3.so => /usr/lib64/libnss3.so (0x00007efcd6d1e000)

libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007efcd6af1000)

libplds4.so => /lib64/libplds4.so (0x00007efcd68ed000)

libplc4.so => /lib64/libplc4.so (0x00007efcd66e8000)

libnspr4.so => /lib64/libnspr4.so (0x00007efcd64a9000)

libpthread.so.0 => /lib64/libpthread.so.0 (0x00007efcd628c000)

libdl.so.2 => /lib64/libdl.so.2 (0x00007efcd6088000)

libssh2.so.1 => /usr/lib64/libssh2.so.1 (0x00007efcd5e5f000)

libz.so.1 => /lib64/libz.so.1 (0x00007efcd5c49000)

libc.so.6 => /lib64/libc.so.6 (0x00007efcd58b5000)

liblber-2.4.so.2 => /lib64/liblber-2.4.so.2 (0x00007efcd56a5000)

libresolv.so.2 => /lib64/libresolv.so.2 (0x00007efcd548b000)

libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007efcd5271000)

/lib64/ld-linux-x86-64.so.2 (0x00005572fd9ce000)

libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007efcd5065000)

libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007efcd4e62000)

libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007efcd4bf5000)

libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007efcd4812000)

libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007efcd45db000)

libselinux.so.1 => /lib64/libselinux.so.1 (0x00007efcd43bb000)

libfreebl3.so => /lib64/libfreebl3.so (0x00007efcd4142000)

# vi .bash_profile

# .bash_profile

# Get the aliases and functions

if [ -f ~/.bashrc ]; then

. ~/.bashrc

# User specific environment and startup programs

PATH=$PATH:$HOME/bin

LD_LIBRARY_PATH=/usr/local/curl/lib

export PATH LD_LIBRARY_PATH

# /usr/bin/curl -V

curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.69.1 OpenSSL/1.0.1e-fips zlib/1.2.3

Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp

Features: AsynchDNS IPv6 Largefile NTLM SSL libz

# ldd /usr/bin/curl

linux-vdso.so.1 => (0x00007fff7c777000)

libcurl.so.4 => /usr/local/curl/lib/libcurl.so.4 (0x00007fb5ed9b4000)

libidn.so.11 => /lib64/libidn.so.11 (0x00007fb5ed772000)

libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00007fb5ed522000)

librt.so.1 => /lib64/librt.so.1 (0x00007fb5ed31a000)

libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 (0x00007fb5ed0d5000)

libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fb5ecdef000)

libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fb5ecbc3000)

libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fb5ec9be000)

libssl3.so => /usr/lib64/libssl3.so (0x00007fb5ec77f000)

libsmime3.so => /usr/lib64/libsmime3.so (0x00007fb5ec553000)

libnss3.so => /usr/lib64/libnss3.so (0x00007fb5ec213000)

libnssutil3.so => /usr/lib64/libnssutil3.so (0x00007fb5ebfe7000)

libplds4.so => /lib64/libplds4.so (0x00007fb5ebde3000)

libplc4.so => /lib64/libplc4.so (0x00007fb5ebbdd000)

libnspr4.so => /lib64/libnspr4.so (0x00007fb5eb99f000)

libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fb5eb782000)

libdl.so.2 => /lib64/libdl.so.2 (0x00007fb5eb57d000)

libssh2.so.1 => /usr/lib64/libssh2.so.1 (0x00007fb5eb355000)

libz.so.1 => /lib64/libz.so.1 (0x00007fb5eb13f000)

libc.so.6 => /lib64/libc.so.6 (0x00007fb5eadaa000)

libssl.so.10 => /usr/lib64/libssl.so.10 (0x00007fb5eab3e000)

libcrypto.so.10 => /usr/lib64/libcrypto.so.10 (0x00007fb5ea75b000)

liblber-2.4.so.2 => /lib64/liblber-2.4.so.2 (0x00007fb5ea54b000)

libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fb5ea331000)

libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00007fb5ea117000)

/lib64/ld-linux-x86-64.so.2 (0x0000564abf25b000)

libkrb5support.so.0 => /lib64/libkrb5support.so.0 (0x00007fb5e9f0b000)

libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fb5e9d08000)

libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007fb5e9ad0000)

libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fb5e98b1000)

libfreebl3.so => /lib64/libfreebl3.so (0x00007fb5e9637000)

flyinweb's blog

不积跬步，无以致千里；不积小流，无以成江海。

Centos curl ssl 替换 NSS 为 OpenSSL

发表回复取消回复

相关文章：

发表回复 取消回复

发表回复取消回复