INSTALLATION ON THE UNIX PLATFORM
---------------------------------
- [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described
- in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.]
+ [Installation on DOS (with djgpp), Windows, OpenVMS and MacOS (before MacOS X)
+ is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.
+ This document describes installation on operating systems in the Unix
+ family.]
To install OpenSSL, you will need:
+ * make
* Perl 5
* an ANSI C compiler
+ * a development environment in form of development libraries and C
+ header files
* a supported Unix operating system
Quick Start
--openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
the library files and binaries are also installed there.
- rsaref Build with RSADSI's RSAREF toolkit (this assumes that
- librsaref.a is in the library search path).
-
no-threads Don't try to build with support for multi-threaded
applications.
This will usually require additional system-dependent options!
See "Note on multi-threading" below.
+ no-zlib Don't try to build with support for zlib compression and
+ decompression.
+
+ zlib Build with support for zlib compression/decompression.
+
+ zlib-dynamic Like "zlib", but has OpenSSL load the zlib library dynamically
+ when needed. This is only supported on systems where loading
+ of shared libraries is supported. This is the default choice.
+
no-shared Don't try to create shared libraries.
shared In addition to the usual static libraries, create shared
directory, and the binary will be in the "apps" directory.
If "make" fails, look at the output. There may be reasons for
- the failure that isn't a problem in OpenSSL itself (like missing
+ the failure that aren't problems in OpenSSL itself (like missing
standard headers). If it is a problem with OpenSSL itself, please
report the problem to <openssl-bugs@openssl.org> (note that your
- message will be forwarded to a public mailing list). Include the
- output of "make report" in your message.
+ message will be recorded in the request tracker publicly readable
+ via http://www.openssl.org/rt2.html and will be forwarded to a public
+ mailing list). Include the output of "make report" in your message.
+ Please check out the request tracker. Maybe the bug was already
+ reported or has already been fixed.
[If you encounter assembler error messages, try the "no-asm"
configuration option as an immediate fix.]
try removing any compiler optimization flags from the CFLAGS line
in Makefile.ssl and run "make clean; make". Please send a bug
report to <openssl-bugs@openssl.org>, including the output of
- "make report".
+ "make report" in order to be added to the request tracker at
+ http://www.openssl.org/rt2.html.
4. If everything tests ok, install OpenSSL with
Note on shared libraries
------------------------
+ Shared library is currently an experimental feature. The only reason to
+ have them would be to conserve memory on systems where several program
+ are using OpenSSL. Binary backward compatibility can't be guaranteed
+ before OpenSSL version 1.0.
+
For some systems, the OpenSSL Configure script knows what is needed to
build shared libraries for libcrypto and libssl. On these systems,
the shared libraries are currently not created by default, but giving
targets for shared library creation, like linux-shared. Those targets
can currently be used on their own just as well, but this is expected
to change in future versions of OpenSSL.
+
+ Note on random number generation
+ --------------------------------
+
+ Availability of cryptographically secure random numbers is required for
+ secret key generation. OpenSSL provides several options to seed the
+ internal PRNG. If not properly seeded, the internal PRNG will refuse
+ to deliver random bytes and a "PRNG not seeded error" will occur.
+ On systems without /dev/urandom (or similar) device, it may be necessary
+ to install additional support software to obtain random seed.
+ Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
+ and the FAQ for more information.
projects / openssl.git / blobdiff