The latest stable version of OpenSSL is the 3.0 series. Also available is the 1.1.1 series of OpenSSL which is a Long Term Support (LTS) version, supported until 11th September 2023. We use the new version 3.0.0 of the software to have a support of TLSv1.3 in NGINX on CentOS 7 and Debian servers which still run old versions of the library.
This guide covers only the installation of NGINX+OpenSSL 3.0.0 on a server with DirectAdmin. Other cases are not mentioned here.
In order to get the things compiled we will need to install the following package:
yum -y install perl-IPC-Cmd
There might be other packages required as well. We will update the list as soon as we discover them.
In order to get the things compiled we will need to install the following package:
apt -y install libgd-dev
There might be other packages required as well. We will update the list as soon as we discover them.
Now we need to make sure there is no custom script for configuring NGINX. It might exist if another custom modules were already added in NGINX.
cd /usr/local/directadmin/custombuild/ mkdir -p custom/nginx_reverse/ ls -la custom/nginx_reverse/ cat custom/nginx_reverse/configure.nginx
The latest command from the list should return empty (nothing). It's an expected output.
If we see any lines from the file, stop here. Copy the file
cp -p custom/nginx_reverse/configure.nginx custom/nginx_reverse/configure.nginx~bak
Analyse its content. And compare it with /usr/local/directadmin/custombuild/configure/nginx_reverse/configure.nginx. It is the original, i.e. default, script. See what lines differ.
And we install a custom script for compiling NGINX:
wget https://raw.githubusercontent.com/poralix/directadmin-utils/master/nginx/nginx_reverse/configure.nginx~openssl-3.0.0 -O custom/nginx_reverse/configure.nginx chmod 755 custom/nginx_reverse/configure.nginx
Install custom config:
cd /usr/local/directadmin/custombuild/ mkdir -p custom/nginx_reverse/conf/ cp -p custom/nginx_reverse/conf/nginx-defaults.conf custom/nginx_reverse/conf/nginx-defaults.conf~bak wget https://raw.githubusercontent.com/poralix/directadmin-utils/master/nginx/nginx_reverse/conf/nginx-defaults.conf~TLSv1.3 -O custom/nginx_reverse/conf/nginx-defaults.conf
Then install NGINX:
cd /usr/local/directadmin/custombuild/ ./build update ./build nginx ./build rewrite_confs
If any error occurs during the installation you will need to investigate it by yourself, or contact us for a help.
Copy saved files to their original places (if you had custom copies of them before following this guide):
/usr/local/directadmin/custombuild/ mv -f custom/nginx_reverse/configure.nginx~bak custom/nginx_reverse/configure.nginx mv -f custom/nginx_reverse/conf/nginx-defaults.conf~bak custom/nginx_reverse/conf/nginx-defaults.conf
Or remove custom files (if you used a default NGINX installation):
/usr/local/directadmin/custombuild/ rm -f custom/nginx_reverse/configure.nginx rm -f custom/nginx_reverse/conf/nginx-defaults.conf
and re-install NGINX:
cd /usr/local/directadmin/custombuild/ ./build update ./build nginx ./build rewrite_confs
That's it.