Linux
安裝 nginx 時如何解決 Openssl 包錯誤
我嘗試在RHEL 7.2 機器上安裝 nginx,但出現錯誤,
Error: Package: 1:nginx-1.10.2-2.el7.x86_64 (epel) Requires: libcrypto.so.10(OPENSSL_1.0.2)(64bit) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest
堅果這個 libcrypto.so.10(OPENSSL_1.0.2)(64bit) 在預設的 openssl 包上不可用,所以我刪除了目前的 openssl 包並使用 rpm 安裝,如下所示,
[root@db-brm ~]# rpm -Uvh http://mirror.centos.org/centos/7/os/x86_64/Packages/openssl-libs-1.0.2k-8.el7.x86_64.rpm
我認為它會解決問題,但它沒有,它增加了 openssl 中的衝突並在安裝 nginx 時出錯,
我可以看到這是錯誤,
[root@db-brm ~]# yum install nginx Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. epel/x86_64/metalink | 16 kB 00:00:00 local-repo | 4.1 kB 00:00:00 nginx | 2.9 kB 00:00:00 Resolving Dependencies --> Running transaction check ---> Package nginx.x86_64 1:1.12.2-1.el7_4.ngx will be installed --> Processing Dependency: openssl >= 1.0.2 for package: 1:nginx-1.12.2-1.el7_4.ngx.x86_64 --> Running transaction check ---> Package openssl.x86_64 1:1.0.1e-42.el7_1.9 will be installed --> Processing Dependency: openssl-libs(x86-64) = 1:1.0.1e-42.el7_1.9 for package: 1:openssl-1.0.1e-42.el7_1.9.x86_64 --> Finished Dependency Resolution Error: Package: 1:openssl-1.0.1e-42.el7_1.9.x86_64 (local-repo) Requires: openssl-libs(x86-64) = 1:1.0.1e-42.el7_1.9 Installed: 1:openssl-libs-1.0.2k-8.el7.x86_64 (installed) openssl-libs(x86-64) = 1:1.0.2k-8.el7 Available: 1:openssl-libs-1.0.1e-42.el7_1.9.x86_64 (local-repo) openssl-libs(x86-64) = 1:1.0.1e-42.el7_1.9 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest
誰能幫我解決這個問題?
引自 NGINX 論壇Ref
不幸的是,只有一種解決方案——將系統升級到 7.4;還應該記住,發行版供應商不再支持 7.0-7.3(包括安全修復)
但是,您可以從原始碼安裝 NGINX,參見堆棧交換
sudo yum install unzip gcc pcre-devel zlib-devel make golang wget mkdir -p /tmp/nginx-dep cd /tmp/nginx-dep curl -O https://www.openssl.org/source/openssl-1.0.2g.tar.gz curl -O http://nginx.org/download/nginx-1.9.14.tar.gz tar zxf openssl-1.0.2g.tar.gz tar zxf nginx-1.9.14.tar.gz cd nginx-1.9.14/ ./configure --with-http_ssl_module \ --with-openssl=`realpath ../openssl-1.0.2g` \ --prefix=/usr/share/nginx \ --sbin-path=/usr/sbin/nginx \ --modules-path=/usr/lib/nginx/modules \ --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log \ --http-log-path=/var/log/nginx/access.log \ --pid-path=/run/nginx.pid \ --lock-path=/var/lock/nginx.lock \ --http-client-body-temp-path=/var/lib/nginx/body \ --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ --http-proxy-temp-path=/var/lib/nginx/proxy \ --http-scgi-temp-path=/var/lib/nginx/scgi \ --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \ --with-openssl-opt=enable-ec_nistp_64_gcc_128 \ --with-openssl-opt=no-nextprotoneg \ --with-openssl-opt=no-weak-ssl-ciphers \ --with-openssl-opt=no-ssl3 \ --with-pcre-jit \ --with-threads \ --with-http_addition_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_mp4_module \ --with-http_random_index_module \ --with-http_realip_module \ --with-http_slice_module \ --with-http_ssl_module \ --with-http_sub_module \ --with-http_stub_status_module \ --with-http_v2_module \ --with-http_secure_link_module \ --with-mail \ --with-mail_ssl_module \ --with-stream \ --with-stream_ssl_module make sudo make install sudo mkdir -p /var/lib/nginx && sudo nginx -t # create service sudo touch /etc/systemd/system/nginx.service printf ' [Unit] Description=The nginx HTTP and reverse proxy server After=network.target remote-fs.target nss-lookup.target [Service] Type=forking PIDFile=/run/nginx.pid # Nginx will fail to start if /run/nginx.pid already exists but has the wrong # SELinux context. This might happen when running `nginx -t` from the cmdline. # https://bugzilla.redhat.com/show_bug.cgi?id=1268621 ExecStartPre=/usr/bin/rm -f /run/nginx.pid ExecStartPre=/usr/sbin/nginx -t ExecStart=/usr/sbin/nginx ExecReload=/bin/kill -s HUP $MAINPID KillSignal=SIGQUIT TimeoutStopSec=5 KillMode=process PrivateTmp=true [Install] WantedBy=multi-user.target' | sudo tee /etc/systemd/system/nginx.service rm /tmp/nginx-dep -ri