Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Настройка ГОСТ OpenSSL под Ubuntu 18.04
# Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-36-generic x86_64)
# (из коробки) OpenSSL 1.1.0g 2 Nov 2017
# (из коробки) curl 7.58.0 (x86_64-pc-linux-gnu)
# PHP 7.2.10-0ubuntu0.18.04.1 (cli) (built: Sep 13 2018 13:45:02) ( NTS )
# Компилим GOST-engine
sudo apt install cmake libssl-dev
git clone --branch=openssl_1_1_0 https://github.com/gost-engine/engine.git gost-engine/engine
cd gost-engine/engine
cmake .
make
# узнаем нужную директорию, копируем туда
openssl version -e
cp bin/gost.so /usr/lib/x86_64-linux-gnu/engines-1.1
# конфиг
cp /etc/ssl/openssl.cnf /etc/ssl/openssl_custom.cnf
nano /etc/ssl/openssl_custom.cnf
# в начало файла
openssl_conf = openssl_def
# в конец
[openssl_def]
engines = engine_section
[engine_section]
gost = gost_section
[gost_section]
engine_id = gost
dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/gost.so
default_algorithms = ALL
CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
# включаем новый конфиг
export OPENSSL_CONF=/etc/ssl/openssl_custom.cnf
openssl s_client -connect service.rosminzdrav.ru:443
curl https://service.rosminzdrav.ru
@stahko

This comment has been minimized.

Copy link

commented Apr 17, 2019

Спасибо!
Сработало и на ubuntu 16.04 (компилил OpenSSL 1.1.1b перед этим отдельно )

@arimanov

This comment has been minimized.

Copy link

commented Aug 14, 2019

Спасибо большое!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.