Cryptography and SSL/TLS Toolkit

Support Contracts

In addition to community support, OpenSSL Software Services offers three different types of support contract. If you have specific requirements not addressed by any of these plans, or for more information, discuss custom arrangements.

Please see the list of definitions at the bottom of the page for the definitions used below.

Premium Enterprise Level Support
Designed for the large enterprise utilising OpenSSL extensively in product lines or critical infrastructure.
Vendor Support
Designed for organisations requiring support of product lines using OpenSSL or for customised in-house versions of OpenSSL.
Basic Support
Basic technical support for application development shops or end users.


Premium Level Support

US$50,000 annually

  • All technical support requests handled directly by a Designated Responder
  • 24x7x365 availability
  • Four Support Administrators
  • Unlimited Service Requests
  • Custom patch preparation and creation
  • OpenSSL FIPS Object Module support included
  • FIPS validation support

The premium support plan is designed for the large enterprise using OpenSSL as an essential component of multiple products or product lines or in support of in-house or commercially provided services. Many prospective Premium Level customers have already hired individual OpenSSL team members for specific tasks. The typical large enterprise customer has a capable in-house technical staff but still finds it cost-effective to engage the world class talent of OpenSSL authors and maintainers. Customisation of OpenSSL by prospective Schedule A customers is common, as are "private label" FIPS 140-2 validations.

Note we don't expect to sell very many of the premium support plans, but those few customers will receive careful attention for both immediate problems and long range strategic interests.

Vendor Level Support

US$20,000 annually

  • Institutional Response with escalation to Designated Responder as appropriate.
  • 12x5 availability
  • Two Support Administrators
  • Limit of four Service Requests per month
  • Custom patch preparation
  • OpenSSL FIPS Object Module support included
  • FIPS validation support excluded

This plan is designed for the medium enterprise using OpenSSL for a single product or product line. The prospective Vendor Level Support customer has a proficient technical staff but no specific expertise in cryptography or OpenSSL. Technical support is provided for use of the unmodified OpenSSL FIPS Object Module, but not for validations of derivative software.

Basic Support

US$10,000 annually

  • Institutional Response only
  • 8x5 availability
  • One Support Administrator
  • Limit of one unique Service Request per month
  • OpenSSL FIPS Object Module support excluded
  • FIPS validation support excluded

This plan is designed for the medium to small enterprise relying on stock OpenSSL for significant products or services and lacking internal resources for effectively addressing all operational and application development issues.

Support Terms

Customer Contacts
Customer personnel familiar with the customer's software environment coordinating technical support correspondence between the customer and OSF personnel for a specific service request. The Customer Contacts are the sole liaisons for such technical correspondence with the OSF. It is recommended that the Customer Contacts be knowledgeable about the customer environment and use of the OpenSSL software and have an understanding of the problem for which support services are requested.
Designated Responder
All technical support is provided by OpenSSL team members or their close collaborators in the OpenSSL developer community. A designated responder is an OpenSSL team member directly handling a support request and communicating directly with the Customer Contact.
Institutional Response
Technical support correspondence originating or reviewed by one or more OpenSSL team members but communicated indirectly by other OSF personnel.
Patch Preparation
The preparation of a patch changeset from existing changes committed to the OpenSSL source code repository.
Patch Creation
The coding of new source code modifications or additions not already committed to the OpenSSL source code repository. The resolution of problems identified in the OpenSSL software itself will generally be resolved by committing the code modifications to the OpenSSL source code repository; such modifications automatically define a patch. For support plan options custom software modifications may be performed that are specific to the customer environment. Such custom modifications will not be committed to the publicly available source code repository and will be delivered to the customer as custom patches.
Service Request
A specific request for support initiated by a Support Administrator and assigned a service request number by the OSF.
Support Administrator
An individual designated by the customer to submit requests for technical support to the OSF. The number of individuals that can be designated as support administrators varies with the support plan option. The support administrator may be a Customer Contact in the context of a specific Service Request, or may designate a Customer Contact for Service Requests.