We stand with Ukraine to help keep people safe. Join us
OpenSSL
OpenSSL
0.0
0.0
OpenSSL free download for Mac

OpenSSL

Version 3.0.5

Cryptography library and toolkit that enables developers to work with the TLS and SSL protocols.

Free
Absolutely Free

OpenSSL overview

OpenSSL provides support for the TLS and SSL protocols and also includes various tools used in cryptography. Note that OpenSSL is officially available only as source, so you must manually compile and install the software on your Mac.

Deploy the OpenSSL toolkit via the command line

To install the OpenSSL toolkit and library on your Mac, you must open the Terminal application, go to the OpenSSL source folder, and follow the instructions from the INSTALL file included in the archive.

For short, you must run the "./config", "make", "make test", and "make install" commands, and then type openssl in the Terminal. If you need to see what OpenSSL release you are using, you can use the "version" argument.

Note that you must make sure you are using the correct PATH to reach the latest OpenSSL installation. When you install OpenSSL, you get to see the output location, and you can check the path used by default with the "which openssl" shell command.

Older OpenSSL versions are delivered with the system by default, and the old link will most likely be preserved. This means that you must configure the shell to use the correct path on your own.

Worth mentioning is that you can also install the toolkit using a package management solution such as Homebrew.

Quick access to SSL and Crypto libraries

While in OpenSSL's command line interface, you get to see all the standard, message digest, or cipher commands supported by OpenSSL, but you do not get usage instructions.

Make sure to check the online documentation to read extensive descriptions and learn about configuration options for each of the included commands.

OpenSSL's developers also provide a Frequently Asked Questions section where you can get details about the latest version, about how you can use the commands, and so on.

To conclude, the OpenSSL software package offers you the possibility to work with the SSL and TLS protocols or to access cryptography tools, as long as you are willing to work with the command line.

What’s new in version 3.0.5

Updated on Jul 05 2022

  • Add a mac salt length option for the pkcs12 command.
  • Add more SRTP protection profiles from RFC8723 and RFC8269.
  • Extended Kernel TLS (KTLS) to support TLS 1.3 receive offload.
  • Add support for TCP Fast Open (RFC7413) to macOS, Linux, and FreeBSD where supported and enabled.
  • Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK (RFC 5489) to the list of ciphersuites providing Perfect Forward Secrecy as required by SECLEVEL >= 3.
  • Add new SSL APIs to aid in efficiently implementing TLS/SSL fingerprinting. The SSL_CTRL_GET_IANA_GROUPS control code, exposed as the SSL_get0_iana_groups() function-like macro, retrieves the list of supported groups sent by the peer, and the function SSL_client_hello_get_extension_order() populates a caller-supplied array with the list of extension types present in the ClientHello, in order of appearance.
  • Fixed PEM_write_bio_PKCS8PrivateKey() and PEM_write_bio_PKCS8PrivateKey_nid() to make it possible to use empty passphrase strings.
  • RNDR and RNDRRS support in provider functions to provide random number generation for Arm CPUs (aarch64).
  • s_client and s_server apps now explicitly say when the TLS version does not include the renegotiation mechanism. This avoids confusion between that scenario versus when the TLS version includes secure renegotiation but the peer lacks support for it.
  • AES-GCM enabled with AVX512 vAES and vPCLMULQDQ.
  • The default SSL/TLS security level has been changed from 1 to 2. RSA, DSA and DH keys of 1024 bits and above and less than 2048 bits and ECC keys of 160 bits and above and less than 224 bits were previously accepted by default but are now no longer allowed. By default TLS compression was already disabled in previous OpenSSL versions. At security level 2 it cannot be enabled.
  • The SSL_CTX_set_cipher_list family functions now accept ciphers using their IANA standard names.
  • The PVK key derivation function has been moved from b2i_PVK_bio_ex() into the legacy crypto provider as an EVP_KDF. Applications requiring this KDF will need to load the legacy crypto provider.
  • The various OBJ_* functions have been made thread safe.
  • CCM8 cipher suites in TLS have been downgraded to security level zero because they use a short authentication tag which lowers their strength.
  • Subject or issuer names in X.509 objects are now displayed as UTF-8 strings by default.
  • Parallel dual-prime 1536/2048-bit modular exponentiation for AVX512_IFMA capable processors.
  • The functions OPENSSL_LH_stats, OPENSSL_LH_node_stats, OPENSSL_LH_node_usage_stats, OPENSSL_LH_stats_bio, OPENSSL_LH_node_stats_bio and OPENSSL_LH_node_usage_stats_bio are now marked deprecated from OpenSSL 3.1 onwards and can be disabled by defining OPENSSL_NO_DEPRECATED_3_1.
  • The macro DEFINE_LHASH_OF is now deprecated in favour of the macro DEFINE_LHASH_OF_EX, which omits the corresponding type-specific function definitions for these functions regardless of whether OPENSSL_NO_DEPRECATED_3_1 is defined.
  • Users of DEFINE_LHASH_OF may start receiving deprecation warnings for these functions regardless of whether they are using them. It is recommended that users transition to the new macro, DEFINE_LHASH_OF_EX.

Information

License

Free

Size

15.1 MB

Developer’s website

https://www.openssl.org/

Downloads

947

App requirements

  • Intel 64
  • OS X 10.9.0 or later
Try our new feature and write a detailed review about OpenSSL. All reviews will be posted soon.
Write your thoughts in our old-fashioned comment
MacUpdate Comment Policy. We strongly recommend leaving comments, however comments with abusive words, bullying, personal attacks of any type will be moderated.
0.0
(0 Reviews of )
There are no reviews yet
Michael-Vilain
Michael-Vilain
May 4 2022
3.0.3
0.0
May 4 2022
0.0
Version: 3.0.3
V3 has in-line machine-level instructions that cause it to barf on 10.13.6. It can be configured to not use these instructions at a significant performance hit.
Free
Absolutely Free
How would you rate OpenSSL?
Similar apps
VPN-X Client
P2P/SSL/TLS VPN client.
Is this app is similar to VPN-X Client? Vote to improve the quality of this list.
Vote results
1
Upvotes
1
Total score
0
Downvotes
VPN-X Server
P2P/SSL/TLS VPN server.
Is this app is similar to VPN-X Server? Vote to improve the quality of this list.
Vote results
1
Upvotes
1
Total score
0
Downvotes
PEIG
Strong authentication solution.
Is this app is similar to PEIG? Vote to improve the quality of this list.
Vote results
1
Upvotes
1
Total score
0
Downvotes