CentOS5 の opensslが、openssl-0.9.8e-34.el5_11
これだとTLSに対応してないので、curlやwgetなどやると下記のエラーになってしまう。。。

error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

# openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

新しいOpensslを入れてあげる

wget https://www.openssl.org/source/openssl-1.0.2r.tar.gz
tar zxvf openssl-1.0.2r.tar.gz
cd openssl-1.0.2r
./config shared enable-ssl2 enable-ssl3 --prefix=/opt/openssl-1.0.2r
make
make install
/opt/openssl-1.0.2r/bin/openssl version
OpenSSL 1.0.2r  26 Feb 2019
echo '/opt/openssl-1.0.2r/lib' > /etc/ld.so.conf.d/openssl.conf

1.16.1以上でtls1.1 tls1.2対応

wget http://ftp.gnu.org/gnu/wget/wget-1.16.1.tar.gz
tar -xzvf wget-1.16.1.tar.gz
cd wget-1.16.1
./configure --with-ssl=openssl  --prefix=/opt/wget-1.16.1 --with-libssl-prefix=/opt/openssl-1.0.2r/lib
make && make install

CA証明書: 2014.01.29 CentOS5でGlobalSignのルート証明書が有効期限切れ

echo 'ca-certificate =/etc/pki/tls/certs/ca-bundle.crt' >> /usr/etc/wgetrc

# which wget
/usr/bin/wget
# mv /usr/bin/wget /usr/bin/wget.org
# ln -s /opt/wget-1.16.1/bin/wget /usr/bin/wget

# cd /usr/local/src
# wget https://curl.haxx.se/download/curl-7.58.0.tar.gz
# tar xzvf curl-7.58.0.tar.gz
# cd curl-7.58.0
# ./configure --enable-libcurl-option --with-ssl=/opt/openssl-1.0.2r/ --prefix=/opt/curl-7.58.0
$ curl -L -O [URL]

# which curl
/usr/bin/curl
# mv /usr/bin/curl /usr/bin/curl.org
# ln -s /opt/curl-7.58.0/bin/curl /usr/bin/curl

ライブラリ読み込み

# ldconfig