I had a hard time updating openssl on my Mac OSX. Here’s what I did to update the libraries:
Install and upate brew
Some third parties provide OpenSSL compatible engines. As for the binaries above the following disclaimer applies: Important Disclaimer: The listing of these third party products does not imply any endorsement by the OpenSSL project, and these organizations are not affiliated in any way with OpenSSL other than by the reference to their independent web sites here. OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. For more information about the team and community around the project, or to start making your own contributions, start with the community page.
openssl version
If one of the bad versions come up (1.0.1a-f), you can figure out which version of openssl you’re using, this way:
which openssl
Often this is from /usr/bin. To make sure you get the updated version, drop a symlink into /usr/local/bin to point to the updated openssl, like this:
ln -s /usr/local/Cellar/openssl/1.0.1g/bin/openssl /usr/local/bin/openssl
Openssl Update For Mac Os
Note: You may have to exit and start the Terminal session to see the new changes.
As an alternative to that final step, some people replace the openssl in /usr/bin with a symlink to /usr/local/Cellar/openssl/1.0.1g/bin/openssl (or whatever your version is):
mv /usr/bin/openssl /usr/bin/openssl_OLD
ln -s /usr/local/Cellar/openssl/1.0.1g/bin/openssl /usr/bin/openssl
ln -s /usr/local/Cellar/openssl/1.0.1g/bin/openssl /usr/bin/openssl
But this is known to cause problems with some more recent versions of OSX. Better to just insert a new symlink into /usr/local/bin, which should take precedence on your path over /usr/bin.
Original article: http://apple.stackexchange.com/questions/126830/how-to-upgrade-openssl-in-os-x
In the age of cyber warfare, being paranoid is the only reasonable attitude and that means, among other things, being paranoid about software updates.
Take for example OpenSSL. This open source cryptography library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols is designed to “secure communications over computer networks against eavesdropping”, but guess what: it has been riddled with bugs since its inception. This may be unavoidable, to a certain degree — after all, we are speaking about software. Even so, the inherent flaws of OpenSSL should not be an excuse for not keeping the version you use as bullet-proof as possible. Let’s not forget that your car is most likely hackable by a 15 year old and yet you still (presumably) lock the doors.
While you can’t do much about the yet-to-be-identified bugs, you can at least protect your systems from those bugs that have been already patched up and widely documented.
Too bad the official OpenSSL website offers Linux sources only.
While Linux distributions routinely come loaded with OpenSSL, this is not the case for Windows… or shall we say “Windows distributions”. (Didn’t Microsoft want to “Linuxify” its flaggship OS? Never mind.) If you want to run it, you need a Windows binary, and unless you are willing to compile it yourself, you have to to rely on someone else.
Here is how you can set up OpenSSL on Windows without having to deal with the code.
Step 1. Get hold of the binaries
Finding Windows binaries of OpenSSL is not an easy task, but don’t get discouraged. They do exist. To download them, navigate to:
Don’t be fooled by the Win32 string in the URL nor by the navigation pointing you to a seemingly ancient download page from way back in 2004 (from the “Products” tab through the “Win32 OpenSSL link”). Scroll down the page to the section “Download Win32 OpenSSL”, ignoring the confusing string. Now you need to pick the right binary from the list. For each version, there are two basic types: the full installer and the light installer.
Download the one named “Win64 OpenSSL v1.1.0f” (or a higher-numbered version once it becomes available) to get the full installer.
The current version as of this writing (OpenSSL 1.1.0h) is very different from previous releases. It is not the same thing at all so pay attention to the release numbers! The worst thing you can do is use an old version that has documented bugs that anyone could exploit following a howto!
Step 2. Run the installer
We recommend installing OpenSSL outside of your Windows system directory.
Step 3. Start the OpenSSL binary
To invoke OpenSSL, you can simply right-click on it in the Windows Explorer at its install location, for example in:
then choose “Run as Administrator”.
Openssl Mac Os
It will open a cmd window with the OpenSSL command prompt. Here is what to expect.
Update Openssl Mac Without Homebrew
Now you are ready to start creating your OpenSSL keys. (Speaking of which: users of the remote access utility PuTTY can export an OpenSSH key from PuTTYgen.) When using OpenSSL on Windows in this way, you simply omit the openssl command you see at the prompt. For example, to generate your key pair using OpenSSL on Windows, you may enter:
and follow the onscreen instructions as usual. To review the certificate:
How To Update Openssl
and so forth.