Beta Branch add OPENSSL_SYSTEM_USE for Nginx system OpenSSL in 130.00beta01

add OPENSSL_SYSTEM_USE for Nginx system OpenSSL in 130.00beta01

- add variable OPENSSL_SYSTEM_USE='y' when set in persistent config file /etc/centminmod/custom_config.inc prior to initial Centmin Mod install or prior to centmin.sh menu option 4 Nginx recompile, will tell Nginx to use operating system OpenSSL version instead. OpenSSL system versions for CentOS 7 = 1.0.2k, EL8 = 1.1.1k and EL9 = 3.0.7
- this maybe useful for EL8 systems at least as OpenSSL 3.0 and OpenSSL 3.1 have performance regressions compared to OpenSSL 1.1.1 which is currently faster version. OpenSSL 1.1.1 is now EOL, so we should be using OpenSSL 3+. However, EL7, EL8, EL9 system OpenSSL has extended support lifetime until end of the OSes 10 yr support. This means on EL8 systems the included OpenSSL 1.1.1k is supported still so folks may want to set OPENSSL_SYSTEM_USE='y' and build Nginx on EL8 system OpenSSL 1.1.1k until OpenSSL folks fix the persformance regressions in OpenSSL 3.
- EL7, EL8 , EL9 OpenSSL version number never changes as RHEL upstream will also backport fixes and updates from newer versions back into the reported version number
- Current performance from fastest to slowest is OpenSSL 1.1.1 > 3.2 beta > 3.1 > 3.0

example on AlmaLinux 8 EL8 OPENSSL_SYSTEM_USE='y'

nginx -V
nginx version: nginx/1.25.3 (281023-151312-almalinux8-kvm-2c13c02-br-6e975bc)
built by gcc 11.2.1 20220127 (Red Hat 11.2.1-9) (GCC)
built with OpenSSL 1.1.1k FIPS 25 Mar 2021

---

example on AlmaLinux 9 EL9 OPENSSL_SYSTEM_USE='y'

nginx -V
nginx version: nginx/1.25.3 (281023-191307-almalinux9-2c13c02-br-a71f931)
built by gcc 12.2.1 20221121 (Red Hat 12.2.1-7) (GCC)
built with OpenSSL 3.0.7 1 Nov 2022

Continue reading...

130.00beta01 branch

• Branch: https://github.com/centminmod/centminmod/tree/130.00beta01
• Commit History: https://github.com/centminmod/centminmod/commits/130.00beta01

Support Centmin Mod

If you find Centmin Mod useful, please help support Centmin Mod