Chapter 1. OpenSSL Command Line
OpenSSL is the world’s most widely used implementation of the Transport Layer Security (TLS) protocol. At the core, it’s also a robust and a high-performing cryptographic library with support for a wide range of cryptographic primitives. In addition to the library code, OpenSSL provides a set of command-line tools that serve a variety of purposes, including support for common PKI operations and TLS testing.
OpenSSL is a de facto standard in this space and comes with a long history. The code initially began its life in 1995 under the name SSLeay,1 when it was developed by Eric A. Young and Tim J. Hudson. OpenSSL as a separate project was born in 1998, when Eric and Tim decided to begin working on a commercial SSL/TLS toolkit called BSAFE SSL-C. A community of developers picked up the project and continued to maintain it.
Today, OpenSSL is ubiquitous on the server side and in many client programs. The command-line tools are also the most common choice for key and certificate management. When it comes to browsers, OpenSSL also has a substantial market share, albeit via Google’s fork, called BoringSSL.
OpenSSL used to be dual-licensed under OpenSSL and SSLeay licenses. Both are BSD-like, with an advertising clause. With version 3.0, released in September 2021, OpenSSL simplified its licensing by moving to Apache License v2.0.