Breadcrumbs

Installing OpenSSL and pkcs11-provider (Linux)

If you are using an existing or pre-installed OpenSSL, then skip the first two steps.

  1. Install the necessary dependencies.

›_ Console

 
dnf -y update && \
    dnf install -y make gcc wget tar git autoconf automake libtool \
    perl-IPC-Cmd perl-core perl-Test-Harness perl-Data-Dumper \
    which findutils diffutils xz meson \
    openssl-devel

  1. Install OpenSSL.

›_ Console

 
# From the SO repository
dnf install openssl
# From the official source
cd /tmp
wget https://www.openssl.org/source/openssl-3.4.1.tar.gz && \
    tar -xzvf openssl-3.4.1.tar.gz && \
    cd openssl-3.4.1 && \
    ./Configure linux-x86_64 --prefix=/usr/local/openssl-3.4.1 shared && \
    make -j$(nproc) && \
    make install_sw && \
    cd .. && rm -rf openssl-3.4.1

  1. Verify the version of OpenSSL.

›_ Console

 
openssl version
OpenSSL 3.4.1 11 Feb 2025 (Library: OpenSSL 3.4.1 11 Feb 2025)

  1. Install the pkcs11-provider from the official source.

›_ Console

 
cd /tmp
wget https://github.com/latchset/pkcs11-provider/releases/download/v1.1.0/pkcs11-provider-1.1.tar.xz && \
    tar -xJvf pkcs11-provider-1.1.tar.xz && \
    cd pkcs11-provider-1.1 && \
    PKG_CONFIG_PATH=/usr/local/openssl-3.4.1/lib64/pkgconfig meson setup builddir && \
    meson compile -C builddir && \
    meson install -C builddir && \
    cd .. && rm -rf pkcs11-provider-1.1*

  1. Adjust the environment variables.

›_ Console

 
export PATH="/usr/local/openssl-3.4.1/bin:${PATH}"
export LD_LIBRARY_PATH="/usr/local/openssl-3.4.1/lib64:\
/usr/local/openssl-3.4.1/lib64/ossl-modules:${LD_LIBRARY_PATH}"

To ensure these environmental variables are set after a reboot, the last commands should be added to ~/.bashrc.