openssl_install-3.3.0.html

<h1>Instructions for use of OpenSSL 3.3.0</h1>
<p>Use the OSS command<br/>
&nbsp;&nbsp;<code>tar xzf openssl-<i>package</i>.tar.gz -C / -p --no-same-owner</code><br/>
to install OpenSSL. You must install the package in the exact same location as
in the tar file. Add the <code>/usr/local-ssl3.3/lib64</code> for 64-bit or
<code>/usr/local-ssl3.3/lib</code> for 32-bit to your _RLD_LIB_PATH variable when
OpenSSL 3.3.0 is needed. Other versions of OpenSSL should be installed
elsewhere.</p>
<p><b>Note:</b> Because of a problem with tar, the security of the
<code>/usr/local-ssl3.3</code> and <code>/usr/local-ssl3.3/share</code>
directories may be set to <code>0700</code> instead of <code>0755</code>. To
fix this, use the command <br/>
<code>chmod 755 /usr/local-ssl3.3 /usr/local-ssl3.3/share</code></p>
<p>
Due to new features added in the latest OSS System Libraries, binaries built
with those will not function correctly on older RVUs.   The following table
lists the minimum RVU for each platform that can correctly run OpenSSL
version 3.3.0, and above:</p>
<table>
<tr>
  <td><b>Platform</b></td>
  <td><b>Minimum RVU</b></td>
</tr>
  <td>TNS/E</td>
  <td>J06.22</td>
<tr>
  <td>TNS/X</td>
  <td>L19.08</td>
</tr>
<tr>
  <td>TNS/V</td>
  <td>L19.08</td>
</tr>
</table>
<p><b>Caution: </b>Do not mix versions of OpenSSL. There is no binary
compatibility between version 1.1.1, 3.0.x, 3.1.x, 3.2.x, and 3.3.x of OpenSSL.
The first directory encountered in _RLD_LIB_PATH is selected by the OSS loader.</p>
<p><b>Note: </b>The TNS/X build may contain FIPS compatible providers. The
ITUGLIB and OpenSSL teams do not formally perform FIPS certification on these
builds. You must take responsibility for FIPS certification if it is required.
</p>