This section provides an overview of what openssl is, and why a developer might want to use it.
It should also mention any large subjects within openssl, and link out to the related topics. Since the Documentation for openssl is new, you may need to create initial versions of those related topics.
Installation or Setup
OpenSSL is an open source project that provides a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
The OpenSSL toolkit is licensed under an Apache-style license, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
Build and Install openssl on Linux/Unix Systems
These instructions are for acquiring, building, and installing openssl from source. Openssl is usually included in package managers as well.
- perl 5
Dependencies can be installed through a package manager such as apt, dnf, or brew.
$ cd ~/path/to/projects $ git clone https://github.com/openssl/openssl.git $ cd openssl $ ./config $ make $ make test $ sudo make install
By default, openssl will be installed to /usr/local.
$ openssl --version
You now have a default build of openssl installed to your machine.
(De-)Initialization of openssl library
Openssl consists of 2 libraries:
libssl. Before openssl API can be used in an application, mandatory initialization procedures are expected to be performed. Once application is done with openssl related work, it is expected to cleanup allocated resources.
Code below does complete initialization, however, developer is free to initialize only openssl stuff he is interested in.
ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); OPENSSL_config(NULL); // Load default configuration (e.g. openssl.conf)
CONF_modules_unload(1); EVP_cleanup(); CRYPTO_cleanup_all_ex_data(); ERR_remove_state(); ERR_free_strings();
Run OpenSSL on Windows without Installing
This workaround helped us so much at my job (Tech Support), we made a simple batch file we could run from anywhere (We didnt have the permissions to install the actual exe). This workaround will run OpenSSL and open up the bin folder for you (cause this is where any files you create or modify will be saved).
How to Set Up:
Download the OpenSSL binaries here. (Note that this is confirmed to work with version 0.9.8h.)
Copy this code to a file named StartOpenSSL.bat. Save this to a location of your choice. It can be run from anywhere.
@echo off title OpenSSL cd\openssl\bin if exist "C:\openssl\share\openssl.cnf" ( set OPENSSL_CONF=c:/openssl/share/openssl.cnf start explorer.exe c:\openssl\bin echo Welcome to OpenSSL openssl ) else ( echo Error: openssl.cnf was not found echo File openssl.cnf needs to be present in c:\openssl\share pause ) exit
Once you have downloaded the OpenSSL binaries, extract them to your C drive in a folder titled OpenSSL. (The path needs to be C:\OpenSSL). Do not move any of the folders contents around, just extract them to the folder.
You are ready to use OpenSSL. This is a great workaround for Windows users who dont have the privileges to install it as it requires no permissions. Just run the bat file from earlier by double clicking it.
OpenSSL commands examples
Inspect ssl certificate
openssl x509 -in server.crt -noout -text
Generate server key
openssl genrsa -out server.key 2048
openssl req -out server.csr -key server.key -new