This section provides an overview of what openssl is, and why a developer might want to use it.
It should also mention any large subjects within openssl, and link out to the related topics. Since the Documentation for openssl is new, you may need to create initial versions of those related topics.
Release | Date |
---|---|
1.1.0e | 2017-02-16 |
1.1.0d | 2017-01-26 |
1.1.0c | 2016-11-10 |
1.1.0b | 2016-09-26 |
1.1.0a | 2016-09-22 |
1.1.0 | 2016-08-25 |
1.0.2k | 2017-01-26 |
1.0.2j | 2016-09-26 |
1.0.2i | 2016-09-22 |
1.0.2h | 2016-05-03 |
1.0.2g | 2016-03-01 |
OpenSSL is an open source project that provides a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
These instructions are for acquiring, building, and installing openssl from source. Openssl is usually included in package managers as well.
https://github.com/openssl/openssl
Dependencies can be installed through a package manager such as apt, dnf, or brew.
$ cd ~/path/to/projects
$ git clone https://github.com/openssl/openssl.git
$ cd openssl
$ ./config
$ make
$ make test
$ sudo make install
By default, openssl will be installed to /usr/local.
$ openssl --version
You now have a default build of openssl installed to your machine.
Openssl consists of 2 libraries: libcrypto
and libssl
. Before openssl API can be used in an application, mandatory initialization procedures are expected to be performed. Once application is done with openssl related work, it is expected to cleanup allocated resources.
Code below does complete initialization, however, developer is free to initialize only openssl stuff he is interested in.
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
OPENSSL_config(NULL); // Load default configuration (e.g. openssl.conf)
OPENSSL_init_ssl(0, NULL);
CONF_modules_unload(1);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
ERR_remove_state();
ERR_free_strings();
This workaround helped us so much at my job (Tech Support), we made a simple batch file we could run from anywhere (We didnt have the permissions to install the actual exe). This workaround will run OpenSSL and open up the bin folder for you (cause this is where any files you create or modify will be saved).
Download the OpenSSL binaries [here][1]. (Note that this is confirmed to work with version 0.9.8h.)
Copy this code to a file named StartOpenSSL.bat. Save this to a location of your choice. It can be run from anywhere.
@echo off
title OpenSSL
cd\openssl\bin
if exist "C:\openssl\share\openssl.cnf" (
set OPENSSL_CONF=c:/openssl/share/openssl.cnf
start explorer.exe c:\openssl\bin
echo Welcome to OpenSSL
openssl
) else (
echo Error: openssl.cnf was not found
echo File openssl.cnf needs to be present in c:\openssl\share
pause
)
exit
Once you have downloaded the OpenSSL binaries, extract them to your C drive in a folder titled OpenSSL. (The path needs to be C:\OpenSSL). Do not move any of the folders contents around, just extract them to the folder.
You are ready to use OpenSSL. This is a great workaround for Windows users who dont have the privileges to install it as it requires no permissions. Just run the bat file from earlier by double clicking it. [1]: http://gnuwin32.sourceforge.net/packages/openssl.htm
Inspect ssl certificate
openssl x509 -in server.crt -noout -text
Generate server key
openssl genrsa -out server.key 2048
Generate csr
openssl req -out server.csr -key server.key -new