Downloads

The master sources are maintained in our git repository, which is accessible over the network and cloned on GitHub, at https://github.com/openssl/openssl. Bugs and pull patches (issues and pull requests) should be filed on the GitHub repo. Please familiarize yourself with the license.

The table below lists the latest releases for every branch. (For an explanation of the numbering, see our release strategy.) All releases can be found at /source/old.

Filename Size in kBytes Date Checksums
openssl-3.4.0.tar.gz 17891kB 22 Oct 2024 12:38 (SHA256) (PGP sign) (SHA1)
openssl-3.3.2.tar.gz 17652kB 03 Sep 2024 13:58 (SHA256) (PGP sign) (SHA1)
openssl-3.2.3.tar.gz 17346kB 03 Sep 2024 13:59 (SHA256) (PGP sign) (SHA1)
openssl-3.1.7.tar.gz 15317kB 03 Sep 2024 13:59 (SHA256) (PGP sign) (SHA1)
openssl-3.0.15.tar.gz 14959kB 03 Sep 2024 14:02 (SHA256) (PGP sign) (SHA1)

Note: The latest stable version is the 3.4 series supported until 22nd October 2026. Also available is the 3.3 series supported until 9th April 2026, the 3.2 series supported until 23rd November 2025, the 3.1 series supported until 14th March 2025, and the 3.0 series which is a Long Term Support (LTS) version and is supported until 7th September 2026. All older versions (including 1.1.1, 1.1.0, 1.0.2, 1.0.0 and 0.9.8) are now out of support and should not be used. Users of these older versions are encouraged to upgrade to 3.4 as soon as possible. Extended support for 1.1.1 and 1.0.2 to gain access to security fixes for those versions is available.

The following OpenSSL version(s) are FIPS validated:

 OpenSSL Version   Certificate   Security Policy 
3.0.9 certificate security policy
3.0.8 certificate security policy
3.0.0 certificate security policy

For a list of CVEs and their impact on validated FIPS providers, visit the CVEs and FIPS page.

Please follow the Security Policy instructions to download, build and install a validated OpenSSL FIPS provider. Other OpenSSL Releases MAY use the validated FIPS provider, but MUST NOT build and use their own FIPS provider. For example you can build OpenSSL 3.4 and use the OpenSSL 3.0.9 FIPS provider with it.

Information about how to configure and use the FIPS provider in your applications is available on the FIPS module man page. You must also read the module security policy and follow the specific build and installation instructions included in it.

For an overview of some of the key concepts in OpenSSL 3.4 see the OpenSSL Guide. Much of the information in the guide is also applicable to older releases such as 3.3, 3.2, 3.1 and 3.0 except for sections relating to new features only in 3.4. Information and notes about migrating existing applications to OpenSSL 3.4 (and 3.3/3.2/3.1/3.0) are available in the OpenSSL 3.4 Migration Guide

When building a release for the first time, please make sure to look at the INSTALL file in the distribution along with any NOTES file applicable to your platform. If you have problems, then join the openssl-users email list and post a question there.

PGP keys for the signatures of old releases are available from the OTC page and can also be signed with a key with the fingerprint: EFC0 A467 D613 CB83 C7ED 6D30 D894 E2CE 8B3D 79F5.

The current releases are signed by the OpenSSL key with fingerprint BA54 73A2 B058 7B07 FB27 CF2D 2160 94DF D0CB 81EF.

Each day we make a snapshot of each development branch. They can be found at https://www.openssl.org/source/snapshot/. These daily snapshots of the source tree are provided for convenience only and not even guaranteed to compile. Note that keeping a git local repository and updating it every 24 hours is equivalent and will often be faster and more efficient.