Ubuntu Linux

How to Manually Install OpenSSL on Ubuntu

Richard
Written by
Richard
Sep 24, 2018 Updated Apr 18, 2026 4 min read
How to Manually Install OpenSSL on Ubuntu

This guide shows you how to manually install the latest version of OpenSSL on your Ubuntu computer.

Why do this? Ubuntu comes with a built-in version of OpenSSL, but it is often outdated. If you use specific software that requires the newest security features, you need to install the latest version yourself.

What happens when done? Your system will have the most recent version of the OpenSSL toolkit, allowing your apps to use the latest security protocols.

Download the OpenSSL Package

First, visit the official website to get the latest version. https://www.openssl.org/

Install OpenSSL Manually

Follow these steps to download and install the toolkit. Note: These steps require admin privileges. Use sudo before commands when prompted.

Run these commands to download the files:

Command Prompt
cd /tmp
wget https://www.openssl.org/source/openssl-1.1.1.tar.gz
tar xvf openssl-1.1.1.tar.gz

Next, run these commands to install the files:

Command Prompt
cd openssl-1.1.1
sudo ./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)'
sudo make
sudo make install

Your new files are now stored in this folder:

💻Code
OpenSSL 1.1.1  11 Sep 2018
built on: Sun Sep 23 22:27:39 2018 UTC
platform: linux-x86_64
options:  bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) 
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
Seeding source: os-specific

Update Your System Paths

Because Ubuntu looks in a different folder (

💻Code
OpenSSL 1.1.0g  2 Nov 2017
built on: reproducible build, date unspecified
platform: debian-amd64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/lib/ssl"" -DENGINESDIR=""/usr/lib/x86_64-linux-gnu/engines-1.1"" 
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1"

) by default, you must tell your computer where to find your new installation.

1. Update the manual pages:

Edit the configuration file using this command:

🐧Bash / Shell
sudo nano /etc/manpath.config

Add this line to the file:

💻Code
MANPATH_MAP     /sbin                   /usr/share/man
MANPATH_MAP     /usr/sbin               /usr/share/man
MANPATH_MAP     /usr/local/bin          /usr/local/man
MANPATH_MAP     /usr/local/bin          /usr/local/share/man
MANPATH_MAP     /usr/local/sbin         /usr/local/man
MANPATH_MAP     /usr/local/sbin         /usr/local/share/man
MANPATH_MAP     /usr/X11R6/bin          /usr/X11R6/man
MANPATH_MAP     /usr/bin/X11            /usr/X11R6/man
MANPATH_MAP     /usr/games              /usr/share/man
MANPATH_MAP     /opt/bin                /opt/man
MANPATH_MAP     /opt/sbin               /opt/man
MANPATH_MAP     /usr/local/ssl/bin      /usr/local/ssl/man

Save and close the file, then update the database:

🐧Bash / Shell
sudo mandb

2. Update the execution path:

Open the environment configuration file:

🐧Bash / Shell
sudo nano /etc/environment

Add this line to the end of the file:

💻Code
PATH="/usr/local/sbin:/usr/local/bin:/usr/local/ssl/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"

Save your changes and restart your computer. Your system should now recognize the new version of OpenSSL.

Note: Some programs, like Apache or Nginx, may need to be rebuilt to recognize the new version.

Summary

  • OpenSSL is a toolkit that keeps your network communication secure.
  • Manual installation is necessary if you need the latest version not provided by Ubuntu’s default updates.
  • The process involves downloading the files, installing them, and updating your system configuration files so your computer knows where to find the new software.

You may also like the post below: %%LNK1%%

What is OpenSSL and why do I need it on Ubuntu?

OpenSSL is an open-source toolkit for implementing the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. You may need it on Ubuntu to ensure your applications use the latest security features and updates.


How do I manually install OpenSSL on Ubuntu?

To manually install OpenSSL on Ubuntu, download the latest version from the OpenSSL website, extract the files, and run the configuration, make, and install commands in the terminal. This process ensures you have the most up-to-date version.


What commands do I need to run to install OpenSSL?

You need to run commands like 'wget' to download the OpenSSL package, followed by 'tar' to extract it. Then, navigate to the extracted folder and run 'sudo ./config', 'sudo make', and 'sudo make install' to complete the installation.


Where is OpenSSL installed on Ubuntu?

After installation, OpenSSL is typically installed in the '/usr/local/ssl' directory. However, the default OpenSSL version provided by Ubuntu is located in '/usr/lib/ssl'.


How can I verify the installed version of OpenSSL?

You can verify the installed version of OpenSSL by running the command 'openssl version' in the terminal. This will display the version number and confirm that the installation was successful.

Was this guide helpful?

Tags: #Ubuntu Linux
Richard

About the Author

Richard

Tech Writer, IT Professional

Richard, the owner and lead writer at Geek Rewind, is a tech enthusiast passionate about simplifying complex IT topics. His years of hands-on experience in system administration and enterprise IT operations have honed his ability to provide practical insights and solutions. Richard aims to make technology more accessible and actionable. He's deeply committed to the Geek Rewind community, always ready to answer questions and engage in discussions.

2457 articles → Twitter

📚 Related Tutorials

How to Check & Install Specific Nginx version on Ubuntu Linux
Ubuntu Linux How to Check & Install Specific Nginx version on Ubuntu Linux
Manage Apache Services on Ubuntu: Start, Stop, Restart, Reload
Ubuntu Linux Manage Apache Services on Ubuntu: Start, Stop, Restart, Reload
How to Show Seconds on Ubuntu's Clock & Calendar
Ubuntu Linux How to Show Seconds on Ubuntu's Clock & Calendar
How to Install RubyMine on Ubuntu 24.04
Ubuntu Linux How to Install RubyMine on Ubuntu 24.04

0 responses to “How to Manually Install OpenSSL on Ubuntu”

  1. ideally don’ t use `sudo config` or `sudo make`
    also in config you can specify where the openssl library installs to by using
    `–openssldir=/foo/bar` that way you should be able to skip all the workarounds for linking

    Reply

  2. how to make apache on ubunt 16.04 working with openssl 1.1.1, phpinfo() still show 1.0.2 version

    Reply

  4. OpenSSL 1.1.1 11 Sep 2018
    built on: Sun Sep 23 22:27:39 2018 UTC
    platform: linux-x86_64
    options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
    compiler: gcc -fPIC -pthread -m64 -Wa,–noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
    OPENSSLDIR: “/usr/local/ssl”
    ENGINESDIR: “/usr/local/lib/engines-1.1”
    Seeding source: os-specific

    how to get all this verbose information of the package, tried openssl version command didn’t get much help. Also how to point the path to the different path

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *