Welcome to OpenSSL!
The OpenSSL Project develops and maintains the OpenSSL software - a robust, commercial-grade, full-featured toolkit for general-purpose cryptography and secure communication. The project’s technical decision making is managed by the OpenSSL Technical Committee (OTC) and the project governance is managed by the OpenSSL Management Committee (OMC). The project operates under formal Bylaws.
For more information about the team and community around the project, or to start making your own contributions, start with the community page. To get the latest news, download the source, and so on, please see the sidebar or the buttons at the top of every page.
OpenSSL is licensed under an Apache-style license, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
For a list of vulnerabilities, and the releases in which they were found and fixes, see our Vulnerabilities page.
Latest News
Date | Item |
21-Dec-2022 | Beta 1 of OpenSSL 3.1 is now available. This is a release candidate: please download and test it |
13-Dec-2022 | Security Advisory: one low severity fix |
01-Dec-2022 | Alpha 1 of OpenSSL 3.1 is now available: please download and test it |
01-Nov-2022 | New Blog post: CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows |
01-Nov-2022 | Security Advisory: two high severity fixes |
More… |
Legalities
Please remember that export/import and/or use of strong cryptography software, providing cryptography hooks, or even just communicating technical details about cryptography software is illegal in some parts of the world. So when you import this package to your country, re-distribute it from there or even just email technical suggestions or even source patches to the authors or other people you are strongly advised to pay close attention to any laws or regulations which apply to you. The authors of OpenSSL are not liable for any violations you make here. So be careful, it is your responsibility.