Skip to content
Follow
Ubuntu Linux

How to Manually Install OpenSSL on Ubuntu

Richard
Written by
Richard
Sep 24, 2018 Updated Jun 19, 2026 3 min read
How to Install Google Chrome on Ubuntu Linux
How to Install Google Chrome on Ubuntu Linux

Manually installing OpenSSL on Ubuntu gives you access to the latest cryptographic libraries and security features not found in the distribution’s default package.

OpenSSL is a robust, open-source toolkit for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, along with a general-purpose cryptography library. This manual installation is essential when your applications demand cutting-edge security protocols, as the version included with Ubuntu 22.04 LTS, for instance, might not be current enough.

By following this process, you empower your system with the most recent OpenSSL version, ensuring your software benefits from the newest security advancements and compliance standards.

⚡ Quick Answer

Download the latest OpenSSL package from openssl.org, then compile and install it using `make` and `make install`. Update your system’s `manpath.config` and `/etc/environment` files to point to the new installation directory.

Download the OpenSSL Package

First, visit the official website to get the latest version. https://www.openssl.org/

Install OpenSSL Manually

Manually installing OpenSSL on Ubuntu starts with getting the source code files and unpacking them on your computer.

Run these commands to download the files:

Command Prompt
cd /tmp
wget https://www.openssl.org/source/openssl-1.1.1.tar.gz
tar xvf openssl-1.1.1.tar.gz

Next, run these commands to install the files:

Command Prompt
cd openssl-1.1.1
sudo ./config -Wl,--enable-new-dtags,-rpath,'$(LIBRPATH)'
sudo make
sudo make install

Your new files are now stored in this folder:

💻Code
OpenSSL 1.1.1  11 Sep 2018
built on: Sun Sep 23 22:27:39 2018 UTC
platform: linux-x86_64
options:  bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) 
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
Seeding source: os-specific

Update Your System Paths

After you manually install OpenSSL on Ubuntu, you need to tell your system where to find this new version by updating its paths.

💻Code
OpenSSL 1.1.0g  2 Nov 2017
built on: reproducible build, date unspecified
platform: debian-amd64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/lib/ssl"" -DENGINESDIR=""/usr/lib/x86_64-linux-gnu/engines-1.1"" 
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1"

) by default, you must tell your computer where to find your new installation.

1. Update the manual pages:

Edit the configuration file using this command:

🐧Bash / Shell
sudo nano /etc/manpath.config

Add this line to the file:

💻Code
MANPATH_MAP     /sbin                   /usr/share/man
MANPATH_MAP     /usr/sbin               /usr/share/man
MANPATH_MAP     /usr/local/bin          /usr/local/man
MANPATH_MAP     /usr/local/bin          /usr/local/share/man
MANPATH_MAP     /usr/local/sbin         /usr/local/man
MANPATH_MAP     /usr/local/sbin         /usr/local/share/man
MANPATH_MAP     /usr/X11R6/bin          /usr/X11R6/man
MANPATH_MAP     /usr/bin/X11            /usr/X11R6/man
MANPATH_MAP     /usr/games              /usr/share/man
MANPATH_MAP     /opt/bin                /opt/man
MANPATH_MAP     /opt/sbin               /opt/man
MANPATH_MAP     /usr/local/ssl/bin      /usr/local/ssl/man

Save and close the file, then update the database:

🐧Bash / Shell
sudo mandb

2. Update the execution path:

Open the environment configuration file:

🐧Bash / Shell
sudo nano /etc/environment

Add this line to the end of the file:

💻Code
PATH="/usr/local/sbin:/usr/local/bin:/usr/local/ssl/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"

Save your changes and restart your computer. Your system should now recognize the new version of OpenSSL.

Note: Some programs, like Apache or Nginx, may need to be rebuilt to recognize the new version.

Summary

  • OpenSSL is a toolkit that keeps your network communication secure.
  • Manual installation is necessary if you need the latest version not provided by Ubuntu’s default updates.
  • The process involves downloading the files, installing them, and updating your system configuration files so your computer knows where to find the new software.

Manually installing OpenSSL on Ubuntu is useful when you need the very latest version that isn’t yet in Ubuntu’s regular updates.









Was this guide helpful?

Tags: #Ubuntu Linux
Was this helpful?
Richard

About the Author

Richard

Tech Writer, IT Professional

Richard, a writer for Geek Rewind, is a tech enthusiast who loves breaking down complex IT topics into simple, easy-to-understand ideas. With years of hands-on experience in system administration and enterprise IT operations, he’s developed a knack for offering practical tips and solutions. Richard aims to make technology more accessible and actionable. He's deeply committed to the Geek Rewind community, always ready to answer questions and engage in discussions.

📚 Related Tutorials

How to Install Additional Software on Ubuntu
Ubuntu Linux How to Install Additional Software on Ubuntu
How to Install GNOME Desktop on Ubuntu 24.04
Ubuntu Linux How to Install GNOME Desktop on Ubuntu 24.04
How to Install KDE Desktop on Ubuntu 24.04
Ubuntu Linux How to Install KDE Desktop on Ubuntu 24.04

0 Comments

  • rodrigo
    Jan 9, 2019

    ideally don’ t use `sudo config` or `sudo make`
    also in config you can specify where the openssl library installs to by using
    `–openssldir=/foo/bar` that way you should be able to skip all the workarounds for linking

    Reply
    • AK
      Sep 5, 2019

      “ideally don’ t use `sudo config` or `sudo make`”
      what do you use instead?

      Reply
  • Kiart P
    Apr 18, 2019

    how to make apache on ubunt 16.04 working with openssl 1.1.1, phpinfo() still show 1.0.2 version

    Reply
  • Tartist
    Jul 28, 2019

    Thanks all i needed.

    Reply
  • Priyanka
    Aug 29, 2019

    OpenSSL 1.1.1 11 Sep 2018
    built on: Sun Sep 23 22:27:39 2018 UTC
    platform: linux-x86_64
    options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
    compiler: gcc -fPIC -pthread -m64 -Wa,–noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
    OPENSSLDIR: “/usr/local/ssl”
    ENGINESDIR: “/usr/local/lib/engines-1.1”
    Seeding source: os-specific

    how to get all this verbose information of the package, tried openssl version command didn’t get much help. Also how to point the path to the different path

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *