Automic VaultAutomic Vault

brew

Install openssl@3.0 with Homebrew, apk, chocolatey, apt, dnf, MacPorts, Nix, pacman, scoop, winget, zypper

Cryptography and SSL/TLS Toolkit. Version 3.0.21 via Homebrew; verified 2026-07-06.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install openssl@3.0

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install openssl

MacPorts ports tree · devel/openssl/Portfile · source: api.github.com

Linux

Alpine Linux apkverified · 92%
sudo apk add libcrypto3

Alpine Linux edge package indexes · libcrypto3 · source: dl-cdn.alpinelinux.org

Debian aptverified · 92%
sudo apt install libssl-dev

Debian stable package indexes · libssl-dev · source: deb.debian.org

Fedora dnfverified · 92%
sudo dnf install openssl

Fedora Rawhide package metadata · openssl · source: dl.fedoraproject.org

Nixverified · 92%
nix profile install nixpkgs#openssl

nixpkgs package indexes · openssl · source: raw.githubusercontent.com

Arch Linux pacmanverified · 92%
sudo pacman -S openssl

Arch Linux sync databases · openssl · source: geo.mirror.pkgbuild.com

openSUSE zypperverified · 92%
sudo zypper install libopenssl-devel

openSUSE Tumbleweed package metadata · libopenssl-devel · source: download.opensuse.org

Windows

Chocolateyverified · 92%
choco install openssl

Chocolatey community package catalog · openssl · source: community.chocolatey.org

Scoopverified · 92%
scoop install main/openssl

Scoop official bucket manifest trees · bucket/openssl.json · source: api.github.com

Windows Package Managerverified · 92%
winget install --id ShiningLight.OpenSSL.Dev -e

Windows Package Manager source index · ShiningLight.OpenSSL.Dev · source: cdn.winget.microsoft.com

overview

Package summary

Cryptography and SSL/TLS Toolkit

Commands and aliases

No executable aliases were found in the local package database.

history

Project history and usage

OpenSSL 3.0 is the first OpenSSL 3 major-release line: a TLS, SSL, and general-purpose cryptography toolkit with a command-line program, libssl, libcrypto, providers, and an Apache-2.0 license. Homebrew's `openssl@3.0` formula packages the 3.0 long-lived branch separately for software that must stay on that ABI and behavior profile.

Project history

OpenSSL traces back to SSLeay, the open-source SSL library by Eric A. Young and Tim J. Hudson. In December 1998, after Young and Hudson moved to RSA and SSLeay's future became uncertain, Mark Cox, Ralf Engelschall, Stephen Henson, Ben Laurie, and Paul Sutton organized a successor project, changed the planned name from OpenTLS to OpenSSL, and released OpenSSL 0.9.1c on December 23, 1998.

For two decades OpenSSL became a central TLS and cryptography dependency for web servers, language runtimes, package managers, mail software, VPNs, databases, and countless command-line workflows. The 2014 Heartbleed vulnerability exposed how much internet infrastructure depended on a small maintenance team and led to governance, funding, and foundation changes around the project.

OpenSSL 3.0, released on September 7, 2021, was a major architectural and licensing reset. The migration guide highlights the switch from the dual OpenSSL/SSLeay licenses to Apache License 2.0, the provider model for algorithm implementations, FIPS provider support, and formal deprecation of many low-level cryptographic APIs in favor of high-level EVP APIs.

Adoption history

OpenSSL 3.0 became the compatibility anchor for the OpenSSL 3 generation because it preserved source compatibility for many 1.1.1 applications while requiring recompilation and, in some cases, API migration. Distributions and package managers adopted it as the route from OpenSSL 1.1.1 into the provider-based OpenSSL architecture.

Homebrew's `openssl@3.0` is keg-only and versioned, which matters for build reproducibility: a formula can link to the 3.0 branch without being silently moved to newer OpenSSL 3 minor releases. The cited Homebrew page lists a 2026-09-07 deprecation date and stable version 3.0.21.

How it is used

Developers use OpenSSL 3.0 through C APIs in libssl/libcrypto, through language bindings that wrap those libraries, and through the `openssl` CLI for certificates, keys, CSRs, testing TLS endpoints, hashing, signing, and format conversion. The 3.0 branch adds provider configuration and FIPS-module choices to those familiar workflows.

Packagers use `openssl@3.0` when an application has been certified, tested, or constrained against the 3.0 line. The branch is less about new features and more about maintaining predictable OpenSSL 3 behavior while security fixes continue for that line.

Why package nerds care

OpenSSL 3.0 is a packaging landmark because it changed more than a version number. The provider architecture, FIPS integration, license switch, and low-level API deprecations affected build flags, downstream patches, runtime configuration paths, and compatibility promises across huge dependency graphs.

The `openssl@3.0` formula is package-manager archaeology in action: even after newer OpenSSL 3 branches exist, the old branch remains packaged because TLS libraries are sticky dependencies and some consumers need exact branch semantics.

Timeline

  • December 23, 1998: OpenSSL 0.9.1c is released.
  • 2014: Heartbleed triggers governance and funding changes around OpenSSL.
  • September 7, 2021: OpenSSL 3.0.0 is released.
  • 2021 onward: OpenSSL 3.0 receives security and bug-fix releases in its own series.
  • 2026: Homebrew lists `openssl@3.0` as a keg-only formula with stable version 3.0.21 and a 2026-09-07 deprecation date.

Related projects

  • OpenSSL descends from SSLeay and competes or coexists with LibreSSL, BoringSSL, AWS-LC, GnuTLS, NSS, wolfSSL, and platform TLS libraries. OpenSSH, curl, web servers, programming-language runtimes, and certificate tooling are among the downstream ecosystems affected by OpenSSL branch choices.

security posture

No protected-tool coverage found yet

No matching local secret-handling manifest was found for openssl@3.0. Nucleus package metadata is still published here so future coverage has a stable package URL.

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 1 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
openssl.cnf

executables

Installed executables

CommandKindExposureNote
No executable data was present.

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version3.0.21
manager updated2026-07-06
local dataok
upstreamnot checked
latest detectednot detected

https://github.com/openssl/openssl

install metadata

Package metadata

Package keybrew:openssl@3.0
Version3.0.21
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/openssl@3.0
Homepagehttps://openssl-library.org
Repositoryhttps://github.com/openssl/openssl
Upstream docshttps://docs.openssl.org/3.0
LicenseApache-2.0
Source archivehttps://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz
Last updated2026-07-06T03:08:48Z
Pulseupdated
Dependenciesca-certificates
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared
CaveatsA CA file has been bootstrapped using certificates from the system keychain. To add additional certificates, place .pem files in $HOMEBREW_PREFIX/etc/openssl@3.0/certs and run $HOMEBREW_PREFIX/opt/openssl@3.0/bin/c_rehash

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameopenssl@3.0
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyyes
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt88%

libssl-dev 3.5.6-1~deb13u1

Secure Sockets Layer toolkit - development files

https://openssl-library.org

sudo apt install libssl-dev
  • Section: libdevel
  • Architecture: amd64
  • Source Package: openssl
  • 1 dependencies
  • 1 optional deps
  • versioned package alias match
  • Matched by: Openssl
Debian stable package indexes · deb.debian.org · Debian stable package indexes: libssl-dev from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt88%

libssl-doc 3.5.6-1~deb13u1

Secure Sockets Layer toolkit - development documentation

https://openssl-library.org

sudo apt install libssl-doc
  • Section: doc
  • Architecture: all
  • Source Package: openssl
  • versioned package alias match
  • Matched by: Openssl
Debian stable package indexes · deb.debian.org · Debian stable package indexes: libssl-doc from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt88%

libssl3t64 3.5.6-1~deb13u1

Secure Sockets Layer toolkit - shared libraries

https://openssl-library.org

sudo apt install libssl3t64
  • Section: libs
  • Architecture: amd64
  • Source Package: openssl
  • 4 dependencies
  • 1 provides
  • versioned package alias match
  • Matched by: Openssl
Debian stable package indexes · deb.debian.org · Debian stable package indexes: libssl3t64 from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt88%

openssl 3.5.6-1~deb13u1

Secure Sockets Layer toolkit - cryptographic utility

https://openssl-library.org

sudo apt install openssl
  • Section: utils
  • Architecture: amd64
  • 2 dependencies
  • 1 optional deps
  • versioned package alias match
  • Matched by: Openssl
Debian stable package indexes · deb.debian.org · Debian stable package indexes: openssl from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt88%

openssl-provider-fips 3.5.6-1~deb13u1

Secure Sockets Layer toolkit - cryptographic utility

https://openssl-library.org

sudo apt install openssl-provider-fips
  • Section: utils
  • Architecture: amd64
  • Source Package: openssl
  • 1 dependencies
  • versioned package alias match
  • Matched by: Openssl
Debian stable package indexes · deb.debian.org · Debian stable package indexes: openssl-provider-fips from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Debian apt88%

openssl-provider-legacy 3.5.6-1~deb13u1

Secure Sockets Layer toolkit - cryptographic utility

https://openssl-library.org

sudo apt install openssl-provider-legacy
  • Section: utils
  • Architecture: amd64
  • Source Package: openssl
  • 2 dependencies
  • versioned package alias match
  • Matched by: Openssl
Debian stable package indexes · deb.debian.org · Debian stable package indexes: openssl-provider-legacy from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix88%

openssl

nix profile install nixpkgs#openssl
  • versioned package alias match
  • Matched by: Openssl
nixpkgs package indexes · raw.githubusercontent.com · nixpkgs package indexes: openssl from https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/all-packages.nix
Ubuntu apt88%

libssl-dev 3.0.13-0ubuntu3

Secure Sockets Layer toolkit - development files

https://www.openssl.org/

sudo apt install libssl-dev
  • Section: libdevel
  • Architecture: amd64
  • Source Package: openssl
  • 1 dependencies
  • 1 optional deps
  • versioned package alias match
  • Matched by: Openssl
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: libssl-dev from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz
Ubuntu apt88%

libssl-doc 3.0.13-0ubuntu3

Secure Sockets Layer toolkit - development documentation

https://www.openssl.org/

sudo apt install libssl-doc
  • Section: doc
  • Architecture: all
  • Source Package: openssl
  • versioned package alias match
  • Matched by: Openssl
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: libssl-doc from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz
Ubuntu apt88%

libssl3t64 3.0.13-0ubuntu3

Secure Sockets Layer toolkit - shared libraries

https://www.openssl.org/

sudo apt install libssl3t64
  • Section: libs
  • Architecture: amd64
  • Source Package: openssl
  • 1 dependencies
  • 1 provides
  • versioned package alias match
  • Matched by: Openssl
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: libssl3t64 from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz
Ubuntu apt88%

openssl 3.0.13-0ubuntu3

Secure Sockets Layer toolkit - cryptographic utility

https://www.openssl.org/

sudo apt install openssl
  • Section: utils
  • Architecture: amd64
  • 2 dependencies
  • 1 optional deps
  • versioned package alias match
  • Matched by: Openssl
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: openssl from https://archive.ubuntu.com/ubuntu/dists/noble/main/binary-amd64/Packages.gz
apk88%

libcrypto3 3.5.7-r0

Crypto library from openssl

https://www.openssl.org/

sudo apk add libcrypto3
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: openssl
  • 1 dependencies
  • 1 provides
  • versioned package alias match
  • Matched by: Openssl
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: libcrypto3 from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk88%

libssl3 3.5.7-r0

SSL shared libraries

https://www.openssl.org/

sudo apk add libssl3
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: openssl
  • 1 dependencies
  • 1 provides
  • versioned package alias match
  • Matched by: Openssl
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: libssl3 from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk88%

openssl 3.5.7-r0

Toolkit for Transport Layer Security (TLS)

https://www.openssl.org/

sudo apk add openssl
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: openssl
  • 1 dependencies
  • 1 provides
  • versioned package alias match
  • Matched by: Openssl
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: openssl from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk88%

openssl-dbg 3.5.7-r0

Toolkit for Transport Layer Security (TLS) (debug symbols)

https://www.openssl.org/

sudo apk add openssl-dbg
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: openssl
  • 1 dependencies
  • versioned package alias match
  • Matched by: Openssl
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: openssl-dbg from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk88%

openssl-dev 3.5.7-r0

Toolkit for Transport Layer Security (TLS) (development files)

https://www.openssl.org/

sudo apk add openssl-dev
  • License: Apache-2.0
  • Architecture: x86_64
  • Source Package: openssl
  • 1 dependencies
  • 1 provides
  • versioned package alias match
  • Matched by: Openssl
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: openssl-dev from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Nucleus package database
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment