OpenSSL Blog

OpenSSL 3.0 Alpha1 Release


The OpenSSL Management Committee and the OpenSSL Technical Committee are glad to announce the first alpha release of OpenSSL 3.0.

As any alpha release, the code is still experimental and many things can still change before the feature freeze planned for the beta release. In the following weeks more alpha releases will be issued to add more functionality, polish and improve the code and fix issues.

OpenSSL 3.0 is the next major release of OpenSSL that is currently in development, and represents a major re-architecture of the internal plumbing of OpenSSL. We’ve been talking about this for a while and you can read a detailed description of the planned changes in our design document.

The biggest single change is the introduction of a concept called “Providers”. In OpenSSL 3.0 all cryptographic algorithms will be implemented in a provider. There will be a “default” built-in provider, as well as others such as a “legacy” provider to enable access to legacy algorithms and a “FIPS” provider to enable access to FIPS validated algorithms. The stated target for releasing this first alpha was to support “basic functionality plus basic FIPS module”, after this great architectural overhaul.

We invite the OpenSSL community to download and test this alpha release to provide early feedback, prioritizing GitHub issues and pull requests as the favourite channel for contributing to the OpenSSL 3.0 project.

For more details on upgrading to OpenSSL 3.0 from previous versions, as well as known issues and the status of current development, we collected specific notes on the OpenSSL wiki. We strongly encourage consulting (and contributing to) this wiki entry also to discover the most important changes in the upcoming OpenSSL 3.0 and how they might affect you and the code you maintain.

We are always keen to see oldtimers and newcomers alike proposing issues, fixes and contributions, not only in the form of code, but also for manpages and wiki documentation. At this point, it is particularly important to also make sure that the documentation for the new architecture, for the new features, and for the new deprecations and their replacements, is available, complete, up-to-date and sufficiently clear for external users.

The feedback from the community, and your involvement in testing external applications and ENGINEs against the next version of OpenSSL and improving the documentation is crucial to the continued quality of the OpenSSL Project.