How to build curl with the latest openssl?

Question

So I build openssl

./config
make
sudo make install
sudo ln -sf /usr/local/ssl/bin/openssl `which openssl`

I build curl

./configure --with-ssl 
make
make install

OpenSSL looks installed correctly:

openssl version
OpenSSL 1.0.1g 7 Apr 2014

however curl uses old openssl version (1.0.1f instead of 1.0.1g):

curl --version
curl 7.37.0 (x86_64-unknown-linux-gnu) libcurl/7.37.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 libssh2/1.4.3 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp 
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP 

how to make curl use new version?

I want to try the newest versions, because I am fighting with some strange openssl/curl bug #1 #2

Edit: I also tried ./configure --with-ssl=/usr/local/ssl/include/openssl, no success

Edit2: So far I also tried:

• sudo ./configure --with-ssl --with-libssl-prefix=/usr/local/ssl
• ./configure --with-ssl=/usr/local/ssl
• PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig ./configure
• PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig ./configure --with-ssl
• PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig ./configure --with-ssl=/usr/local/ssl/include/openssl

no success...

Answer 1

You need to specify the directory where OpenSSL is installed (your symlink is neither necessary nor sufficient)

./configure --with-ssl=/usr/local/ssl

EDIT: Alternatively, you can set your PKG_CONFIG_PATH environment variable (as suggested by ./configure --help):

PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig ./configure

Answer 2

sudo apt-get install libssl-dev
./configure --prefix=/usr --libdir=/usr/lib/x86_64-linux-gnu
sudo make
sudo make install

Is all I needed to build curl 7.43 on ubuntu 15.04

Answer 3

What I found out, when I was going through the same exercise, is that curl simply can't work with openssl static libraries. It was always searching for dynamic, no matter what I was doing, so eventually I did three things that worked for me

Configured openssl with enable-shared: ./config enable-shared
Configured curl with openssl: ./configure --with-ssl
Used LD_LIBRARY_PATH: LD_LIBRARY_PATH=/usr/local/lib:/usr/local/ssl/lib /usr/local/bin/curl -V

The latter command with -V flag will show the openssl version used by curl. I've added /usr/local/lib to LD_LIBRARY_PATH to make sure that curl uses the right libcurl version.

Answer 4

This was a long and arduous path for me. Hours and hours (you know how it is). Here's what I found:

For Ubuntu 12.04 / 14.04 you have to manually install both openssl and curl

Manually install openssl 1.0.2g:

sudo apt-get install make # (Install compiling library Make)
wget https://www.openssl.org/source/openssl-1.0.2g.tar.gz # (Download the latest OpenSSL 1.0.2g binaries)
tar -xzvf openssl-1.0.2g.tar.gz # (Extract the tar ball to the local directory)
cd openssl-1.0.2g # (Enter extracted OpenSSL directory)
sudo ./config # (Configure binaries for compiling)
sudo make install # (install configured binaries)
sudo ln -sf /usr/local/ssl/bin/openssl `which openssl` # (This will create a sym link to the new binaries)
openssl version -v

IF YOU WANT NGHTTP2 (optional / recommended):

# Get build requirements
# Some of these are used for the Python bindings
# this package also installs
sudo apt-get install g++ make binutils autoconf automake autotools-dev libtool pkg-config \
  zlib1g-dev libcunit1-dev libssl-dev libxml2-dev libev-dev libevent-dev libjansson-dev \
  libjemalloc-dev cython python3-dev python-setuptools
Build nghttp2 from source
git clone https://github.com/tatsuhiro-t/nghttp2.git
cd nghttp2
autoreconf -i
automake
autoconf
./configure
make
sudo make install

Manually install curl:

cd ~
sudo apt-get build-dep curl
wget http://curl.haxx.se/download/curl-7.46.0.tar.bz2
tar -xvjf curl-7.46.0.tar.bz2
cd curl-7.46.0
./configure --with-nghttp2 --with-ssl --with-libssl-prefix=/usr/local/ssl # This is the line I had the most trouble with, especially figure out --with-libssl-prefix
make
sudo make install
sudo ldconfig

Final Steps

sudo ldconfig
sudo service apache2 restart # if you're using apache

Now that you're done, try curl --version and make sure you see the correct version of openssl in there. Specifically openssl >= 1.0.2g (and nghttp2 if you opted for it)

$ curl --version
curl 7.50.2 (x86_64-pc-linux-gnu) libcurl/7.50.2 OpenSSL/1.0.2k zlib/1.2.8 nghttp2/1.21.0-DEV
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets 

citations: curl opennssl

Answer 5

./configure --with-ssl=/usr/lib/ssl --libdir=/usr/lib/x86_64-linux-gnu
sudo make
sudo make install

After struggling some hours I managed to enable https with libcurl 7.38 in ubuntu 15.05

Answer 6

I managed to compile curl using static OpenSSL libraries. This is the tl;dr version:

OpenSSL

./config no-shared --prefix=$PWD/_installdir
make depend && make && make install

curl

LIBS="-ldl" ./configure --prefix=$PWD/_installdir --with-ssl=/something/opensslrootdir/_installdir --disable-shared
make && make install

The LIBS="-ldl" part is essential.

Answer 7

I generally followed Jacksonkr's answer, but I needed all of the above mentioned by others together:

LIBS="-ldl" PKG_CONFIG_PATH=/usr/local/ssl/lib/pkgconfig ./configure --with-ssl --with-libssl-prefix=/usr/local/ssl --disable-shared

--disable-shared is optional, I guess, it;s just I need it

Answer 8

I was able to mitigate this issue by adding the --without-zlib option.

Answer 9

Compiling openssl use default configure generates static library only, so, if you want to use static library in curl, you can do like this:

LIBS="-ldl -lpthread" ./configure --disable-shared --prefix=/usr/local/curl --with-ssl=/usr/local/ssl

I sought the answer from here.

NOTE: following this way only generates curl static library.