Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Настройка ГОСТ OpenSSL под Ubuntu 18.04
# Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-36-generic x86_64)
# (из коробки) OpenSSL 1.1.0g 2 Nov 2017
# (из коробки) curl 7.58.0 (x86_64-pc-linux-gnu)
# PHP 7.2.10-0ubuntu0.18.04.1 (cli) (built: Sep 13 2018 13:45:02) ( NTS )
# Компилим GOST-engine
sudo apt install cmake libssl-dev
git clone --branch=openssl_1_1_0 https://github.com/gost-engine/engine.git gost-engine/engine
cd gost-engine/engine
cmake .
make
# узнаем нужную директорию, копируем туда
openssl version -e
cp bin/gost.so /usr/lib/x86_64-linux-gnu/engines-1.1
# конфиг
cp /etc/ssl/openssl.cnf /etc/ssl/openssl_custom.cnf
nano /etc/ssl/openssl_custom.cnf
# в начало файла
openssl_conf = openssl_def
# в конец
[openssl_def]
engines = engine_section
[engine_section]
gost = gost_section
[gost_section]
engine_id = gost
dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/gost.so
default_algorithms = ALL
CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
# включаем новый конфиг
export OPENSSL_CONF=/etc/ssl/openssl_custom.cnf
openssl s_client -connect service.rosminzdrav.ru:443
curl https://service.rosminzdrav.ru
@stahko

This comment has been minimized.

Copy link

commented Apr 17, 2019

Спасибо!
Сработало и на ubuntu 16.04 (компилил OpenSSL 1.1.1b перед этим отдельно )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.