OpenSSL
A cryptography toolkit and TLS library.
OpenSSL provides the libcrypto and libssl libraries, which implement the cryptographic algorithms and protocols used by TLS — the protocol that protects the great majority of HTTPS traffic on the public internet — plus a command-line openssl tool for tasks like generating keys, signing certificates, encrypting files, inspecting certificate chains, benchmarking ciphers, and converting between certificate formats.
A very large fraction of the encrypted traffic on the public internet is protected by OpenSSL or one of its forks (LibreSSL from the OpenBSD project, BoringSSL from Google, AWS-LC from Amazon). The 2014 Heartbleed vulnerability — a buffer over-read in a barely-used heartbeat extension — prompted both an external code audit and the creation of a more conservative governance structure around the project, and was a defining event in modern web-security history.
The OpenSSL Software Foundation governs the project today. Recent releases (OpenSSL 3.x) introduced provider-based modular architecture, FIPS validation as a downloadable provider, and substantial code reorganisation. The Apache 2.0 licence (in OpenSSL 3+) replaced the older dual OpenSSL/SSLeay licence pair, simplifying the licensing for downstream users.
License: Apache-2.0 (OpenSSL 3+) / dual OpenSSL+SSLeay (older)
Category: Security
Website: https://www.openssl.org/
Install
Debian/Ubuntu: sudo apt install openssl Fedora/RHEL: sudo dnf install openssl Arch: sudo pacman -S openssl macOS: brew install openssl
Authors
- OpenSSL Software Foundation and contributors