The SUSE OpenSSL maintainers are hard at work to migrate openSUSE Tumbleweed and SUSE Linux Enterprise 15 to use OpenSSL 1.1 by default. Some work remains, see boo#1042629.
Here is how you can use OpenSSL 1.1 in parallel to the 1.0 version on openSUSE Leap for development and run-time:
zypper ar --refresh --check obs://security:tls security_tls
zypper in --from security_tls openssl libopenssl-devel
This replaces the following:
The following 3 NEW packages are going to be installed:
libopenssl-1_1_0-devel libopenssl1_1_0 openssl-1_1_0
The following 2 packages are going to be upgraded:
libopenssl-devel openssl
The following 2 packages are going to change architecture:
libopenssl-devel x86_64 -> noarch
openssl x86_64 -> noarch
The following 2 packages are going to change vendor:
libopenssl-devel openSUSE -> obs://build.opensuse.org/security
openssl openSUSE -> obs://build.opensuse.org/security
This will retain a working OpenSSL 1.0 run-time, and the two versions can be used in parallel. As you can see, the openssl
and libopenssl-devel
turn into non-architecture specific meta-packages.
Verify the installed command line version:
openssl version
OpenSSL 1.1.0f-fips 25 May 2017
To revert:
zypper in --from update --oldpackage openssl -libopenssl1_1_0
Accept the default conflict resolutions to switch back to the distribution packages.
Have the best of success porting your code to support OpenSSL 1.1. The upstream wiki has a good article on the OpenSSL 1.1 API changes.
Both comments and pings are currently closed.
Will SSL not be a part of the new LINUX Kernel?