installing OpenSSL 1.1.1 on RedHat 6.x

Jan Just Keijser janjust at
Fri Jul 9 07:27:12 UTC 2021

On 08/07/21 18:55, Tim Culhane wrote:
> Hi,
> We have a customer who is running our product on a RedHat 6.x server.
> Our product uses OpenSSL 1.1.1 to handle secure connections.
> Initial testing by the customer is showing segmentation faults in OpenSSL
> during the handshake process.
> We have successfully tested our product on CentOS 7.x servers.
> I know that RedHat certainly doesn't ship recent versions of OpenSSL  for
> RedHat 6.x.  However it is still possible to install later OpenSSL versions
> to run side-by-side the system installation.
> What I'm wondering is, would there be a  technical reason why OpenSSL 1.1.1
> would not work correctly on a RedHat 6.x system?
> For the record the customer has tried with OpenSSL 1.1.1g and 1.1.1k with
> similar results.

Note that RH 6 is out of support and it will be hard to find support for 
it anywhere. It uses openssl 1.0.1e by default which is *not* API 
compatible with 1.1.1k; please ensure that the RH openssl header files 
and development libraries are NOT installed when compiling your 
application against 1.1.1k (try removing the RPM openssl-devel).

I compiled and used OpenSSL up to version 1.1.1d on RH 6 without any 
issues; I just revived an old VM and built openssl 1.1.1k on it without 
problems. However, the command
   make test
failed as I am missing certain dependencies.

Without knowing how you build your appilcation it is impossible to tell 
where and how it is failing.

A long shot, but one thing to try is to install a newer gcc compiler; 
you can find one in the "sclo" repositories, e.g

and install 'devtoolset-9' to get gcc 9 on RH 6. Perhaps a rebuild using 
a new compiler fixes the segfaults you are seeing.  Most likely, 
however, you are mixing headers files from different versions of OpenSSL.



More information about the openssl-users mailing list