How to link python to the manually compiled OpenSSL rather than the system's one

I need to manually compile OpenSSL from source. I use Ubuntu 18. The OpenSSL shipped with Ubuntu 18 does not support specific cipher I need. But it can be enabled if I compile OpenSSL manually. I found this manual. However, how can I link python ssl to take the manually installed OpenSSL not the OS one?


You can't relink the existing Python installation and need to build another Python distribution from source. When building Python, you need to adapt CPPFLAGS, LDFLAGS and LD_LIBRARY_PATH env variables. Assuming you installed the custom OpenSSL in /path/to/openssl:

$ cd /path/with/Python/sources/unpacked/
$ export LDFLAGS="-L/path/to/openssl/lib/ -L/path/to/openssl/lib64/"
$ export LD_LIBRARY_PATH="/path/to/openssl/lib/:/path/to/openssl/lib64/"
$ export CPPFLAGS="-I/path/to/openssl/include -I/path/to/openssl/include/openssl"
$ ./configure --prefix=/path/to/custom/python/
$ make
$ make install

Now Python in /path/to/custom/python/ will use the custom OpenSSL:

$ /path/to/custom/python/bin/python -c "import ssl; print(ssl.OPENSSL_VERSION)"
OpenSSL 1.1.0h  27 Mar 2018