” /> <img src="https://github.com/openssl/openssl/workflows/GitHub%20CI/badge.svg" alt="
GitHub actions CI badge” />
OpenSSL is a robust, commercial-grade, full-featured open source toolkit for the formerly Transport Layer Security (TLS) protocol. known as Secure Sockets Layer (SSL) protocol. The implementation of the protocol is based on a full-power general-purpose cryptographic library, which can also be used independently.
OpenSSL descends from the SSLeay library developed by Eric A. Young and Tim J. Hudson.
The official website of the OpenSSL Project is www.openssl.org.
- Compile and install
The OpenSSL toolkit
includes: libssl an implementation of all versions of the TLS protocol up to TLSv1.3 (RFC 8446).
libcrypto A full-powered, general-purpose cryptographic library. It forms the basis of the TLS implementation, but it can also be used independently.
openssl the OpenSSL command-line tool, a Swiss Army knife for cryptographic tasks, testing and analysis. It can be used for
- key parameters
- creating X.509 certificates, CSR and CRL
- calculating message digests
- SSL/TLS client and server tests
- signed mail or S/MIME encryption
- and more…
, encryption and
For production use
Tarball source code files of official releases can be downloaded from www.openssl.org/source. The OpenSSL project does not distribute the toolkit in binary format.
However, precompiled versions of the OpenSSL toolkit are available for a variety of operating systems. In particular, on Linux and other Unix operating systems, it is usually recommended to link to precompiled shared libraries provided by the distributor or vendor.
testing and development
Although testing and development could also theoretically be done using the source tarballs, having a local copy of the git repository with all the project history gives you much more information about the code base
The official OpenSSL Git repository is located at git.openssl.org. There is a GitHub mirror of the repository on github.com/openssl/openssl, which is automatically updated from the first on each commit.
A local copy of
the Git repository can be obtained by cloning it from the original OpenSSL repository using or from the GitHub mirror using If you intend to contribute to OpenSSL,
either to fix bugs or contribute new features, you should fork the OpenSSL openssl/openssl repository on GitHub and clone its public fork instead
. This is necessary because all OpenSSL development today is done through pull requests
GitHub. For more information, see Contribution.
After getting the source code, take a look at the INSTALL file for detailed instructions on creating and installing OpenSSL. For some platforms, the installation instructions are modified using a platform-specific document.
Notes for UNIX-like platforms Notes for Android platforms Notes for Windows platforms Notes for the
- DOS platform with DJGPP Notes for
the OpenVMS platform Notes on Perl Notes on Valgrind
notes on upgrading to OpenSSL 3.0 from previous versions can be found on the migration_guide manual page (7ossl).
The manual pages for the master branch and all current stable versions are available online
. OpenSSL master OpenSSL
- 3.0 OpenSSL
There is a Wiki on wiki.openssl.org that is currently not very active. It contains a lot of useful information, not all of which is up to date.
OpenSSL is licensed under the Apache License 2.0, which means that you are free to obtain and use it for commercial and non-commercial purposes, as long as you comply with its conditions.
See the LICENSE.txt file for details.
There are several ways to get in touch. The right channel depends on your needs. See the SUPPORT file for details.
If you are interested and willing to contribute to the OpenSSL project, take a look at the CONTRIBUTOR file.
Several nations restrict the use or export of crypto. If you are potentially subject to such restrictions, you should seek legal advice before attempting to develop or distribute cryptographic code.
1998-2022 The OpenSSL Project Copyright (c) 1995-1998
Eric A. Young, Tim J. Hudson
All rights reserved.