installing openssl on OS X

9
votes

I was getting "certificate verify failed (OpenSSL::SSL::SSLError)" in my ruby app and decided it was time to update the old openssl on my Mac OS X (Mountain Lion) system.

I grabbed the latest sources from here and did the usual

  • ./Configure darwin64-x86_64-cc
  • make
  • make test
  • sudo make install

... and everything completed without apparent error. But I notice that the new openssl has not replaced the old openssl:

$ which openssl
/usr/bin/openssl
$ /usr/bin/openssl version
OpenSSL 0.9.8x 10 May 2012
$ /usr/local/ssl/bin/openssl version
OpenSSL 1.0.1e 11 Feb 2013

I'm hesitant to mess around with important system files for fear of breaking existing things. What's the recommended approach? I'm thinking of replacing /usr/bin/openssl with a symlink to the /usr/local/ssl/bin version. Would that work?

1
macosopensslosx-mountain-lion
Check the solution I used here > stackoverflow.com/a/46179272/844890shaunthomas999

1 Answers

10
votes

To prioritize your local copy over the system copy you need to add it to your shell PATH variable

export PATH="/usr/local/ssl/bin:$PATH"

If you want this to execute every time you start a shell just add it to your .bash_profile in your home directory.

However, this is not going to fix your problem because Ruby would need to be recompiled against the new OpenSSL (we'll assume the updated root certificates file that comes with the new OpenSSL would hypothetically fix this issue). I'd recommend installing either rvm or rbenv and rebuilding ruby. Note that both of those tools would prefer you to install openssl via homebrew.