尝试使用 alpine 基础镜像中的自定义 openssl 配置 nginx,但它似乎确实选择了位于
/usr/local/openssl
下的 openssl
Step 20/22 : RUN cd nginx-${NGINX_VERSION}/ && ./configure ${NGINX_FLAGS} && make && sudo make install
---> Running in 58c8b603c0b7
checking for getaddrinfo() ... found
checking for PCRE library ... found
checking for PCRE JIT support ... found
checking for OpenSSL library ... not found
checking for OpenSSL library in /usr/local/ ... not found
checking for OpenSSL library in /usr/pkg/ ... not found
checking for OpenSSL library in /opt/local/ ... not found
./configure: error: SSL modules require the OpenSSL library.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.
如果我最终使用
--with-openssl
标志,我需要传递 openssl 的源代码,这是我们没有的。
我正在尝试将 nginx 配置为启用 fips,从而手动配置 nginx 以选择我们构建的 openssl 库,非常感谢任何解决方法/帮助。
构建 Nginx 需要 Openssl 源代码。 查看 https://www.openssl.org/source/ 下载源代码。
这是我构建nginx-1-26.0的解决方案
cd /usr/src
sudo wget https://www.openssl.org/source/openssl-3.0.13.tar.gz
sudo tar -xzvf openssl-3.0.13.tar.gz
./configure ...[your config]... --with-openssl=/usr/src/openssl-3.0.13