Download the latest openssl source, as of this writing, the latest is the one I installed.
https://www.openssl.org/source/
Bytes Timestamp Filename ________ ____________________ ____________________________ 5149260 Sep 25 22:45:26 2014 openssl-1.0.2-beta3.tar.gz (MD5) (SHA1) (PGP sign) 1404199 Aug 20 12:52:55 2014 openssl-fips-ecp-2.0.8.tar.gz (MD5) (SHA1) (PGP sign) 1424766 Aug 20 12:52:46 2014 openssl-fips-2.0.8.tar.gz (MD5) (SHA1) (PGP sign) 3727934 Aug 6 23:56:45 2014 openssl-0.9.8zb.tar.gz (MD5) (SHA1) (PGP sign) 3994771 Aug 6 23:56:45 2014 openssl-1.0.0n.tar.gz (MD5) (SHA1) (PGP sign) 4422117 Aug 6 23:56:45 2014 openssl-1.0.1i.tar.gz (MD5) (SHA1) (PGP sign) [LATEST] 4872101 Jul 22 22:53:02 2014 openssl-1.0.2-beta2.tar.gz (MD5) (SHA1) (PGP sign) 1438620 Jul 4 01:21:08 2014 openssl-fips-2.0.7.tar.gz (MD5) (SHA1) (PGP sign) 1417674 Jul 4 01:21:08 2014 openssl-fips-ecp-2.0.7.tar.gz (MD5) (SHA1) (PGP sign)
Login to your server as root.
wget https://www.openssl.org/source/openssl-1.0.1i.tar.gz
as root
tar xzvf openssl-1.0.1i.tar.gz
cd openssl-1.0.1i
./config
make
make test
make install
Installation is at /usr/local/ssl/bin/openssl
move old openssl
mv /usr/bin/openssl /root/openssl-old
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
check version
openssl version
OpenSSL 1.0.1i 6 Aug 2014
Though its better to recompile it as RPM on your build server so as to follow best practice that your production server particular to the one that facing internet should not contain any compiler.
