0

I have an issue with OpenSSL, I am using the following command to install the latest version of OpenSSL in my Base Docker Image of Azure ML Deployment as the older version has some critical security vulnerability. However, the final image still has the older versions of OPENSSL, it could either be that or AzureML is installing the packages by itself, can anyone tell me how to get past this issue? or delete older versions of OpenSSL?

FROM ubuntu:18.04

# Install dependencies:
RUN apt-get update  && apt-get -y install openssl

enter image description here

Venkatesan
  • 3,748
  • 1
  • 3
  • 15
shafee ul kabir Fahim
  • 1
  • 4

1 Answers1

0

To install OpenSSL based on the required version, we need to install PERL first, then go with the OpenSSL installation based on the version required.

# Install PERL before going with Open SSL

RUN apt-get update \
    && apt-get install -y ca-certificates wget bash \
    && apt-get -qy install perl

Remove the current existing version of OpenSSL

RUN apt-get -y remove openssl

Run the installation through TAR Command

RUN apt-get -qy install gcc 


RUN apt-get -q update && apt-get -qy install wget make \
    && wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz\
    && tar -xzvf openssl-1.1.1o.tar.gz \
    && cd openssl-1.1.1o \
    && ./config \
    && make install

Based on the TAR file and the version, it will install the updated version of OpenSSL.

We can’t directly install using apt-get command.

Sairam Tadepalli
  • 1,563
  • 1
  • 3
  • 11