1、查看OpenSSL版本

查看OpenSSL现版本为1.0.2k-fips

2、下载OpenSSL源码包

下载地址 https://www.openssl.org/source

root@node1 ~]# cd /usr/local/src/
[root@node1 src]# wget -c https://www.openssl.org/source/openssl-1.1.1j.tar.gz

3、编译安装nginx并指定新版本OpenSSL路径

[root@node1 src]# /apps/nginx/sbin/nginx -s  stop
[root@node1 src]# cd /usr/local/src/nginx-1.18.0/
[root@node1 nginx-1.18.0]# ./configure --prefix=/apps/nginx --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module --with-http_ssl_module --with-openssl=/usr/local/src/openssl-1.1.1j
[root@node1 nginx-1.18.0]# make && make install

4、启动nginx并查看OpenSSL版本

[root@node1 nginx-1.18.0]# /apps/nginx/sbin/nginx
[root@node1 nginx-1.18.0]# /apps/nginx/sbin/nginx -V
nginx version: nginx/1.18.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.1.1j  16 Feb 2021
TLS SNI support enabled
configure arguments: --prefix=/apps/nginx --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module --with-http_ssl_module --with-openssl=/usr/local/src/openssl-1.1.1j