[CentOS] Recompiling CentOS's stock openssl

Ray Van Dolson rayvd at bludgeon.org
Tue Sep 21 23:20:45 UTC 2010


On Tue, Sep 21, 2010 at 04:17:54PM -0700, Al Sparks wrote:
> I'm running CentOS release 4.8.
>  
> For security reasons, I have to modify openssl's ssl.h in /usr/include/openssl/.
>  
> That's easy.  But for the new settings to take effect, I have to recompile 
> openssl.  I do have openssl-devel installed.
>  
> How do I recompile?

The right way to do this would be to get the openssl SRPM, create a
patch against the stock sources that modifies the .h file you need to
change and include that patch in the .spec file build process.

You'd then generate a custom RPM that would replace the stock RPM.

Of course, make sure you _really_ need to do this.  You'll now need to
track security changes yourself.

Ray



More information about the CentOS mailing list