macOS
brew install openssl@3.0local Homebrew formula metadata
sudo port install opensslMacPorts ports tree · devel/openssl/Portfile · source: api.github.com
brew
Cryptography and SSL/TLS Toolkit. Version 3.0.21 via Homebrew; verified 2026-07-06.
install
brew install openssl@3.0local Homebrew formula metadata
sudo port install opensslMacPorts ports tree · devel/openssl/Portfile · source: api.github.com
sudo apk add libcrypto3Alpine Linux edge package indexes · libcrypto3 · source: dl-cdn.alpinelinux.org
sudo apt install libssl-devDebian stable package indexes · libssl-dev · source: deb.debian.org
sudo dnf install opensslFedora Rawhide package metadata · openssl · source: dl.fedoraproject.org
nix profile install nixpkgs#opensslnixpkgs package indexes · openssl · source: raw.githubusercontent.com
sudo pacman -S opensslArch Linux sync databases · openssl · source: geo.mirror.pkgbuild.com
sudo zypper install libopenssl-developenSUSE Tumbleweed package metadata · libopenssl-devel · source: download.opensuse.org
choco install opensslChocolatey community package catalog · openssl · source: community.chocolatey.org
scoop install main/opensslScoop official bucket manifest trees · bucket/openssl.json · source: api.github.com
winget install --id ShiningLight.OpenSSL.Dev -eWindows Package Manager source index · ShiningLight.OpenSSL.Dev · source: cdn.winget.microsoft.com
overview
Cryptography and SSL/TLS Toolkit
No executable aliases were found in the local package database.
history
OpenSSL 3.0 is the first OpenSSL 3 major-release line: a TLS, SSL, and general-purpose cryptography toolkit with a command-line program, libssl, libcrypto, providers, and an Apache-2.0 license. Homebrew's `openssl@3.0` formula packages the 3.0 long-lived branch separately for software that must stay on that ABI and behavior profile.
OpenSSL traces back to SSLeay, the open-source SSL library by Eric A. Young and Tim J. Hudson. In December 1998, after Young and Hudson moved to RSA and SSLeay's future became uncertain, Mark Cox, Ralf Engelschall, Stephen Henson, Ben Laurie, and Paul Sutton organized a successor project, changed the planned name from OpenTLS to OpenSSL, and released OpenSSL 0.9.1c on December 23, 1998.
For two decades OpenSSL became a central TLS and cryptography dependency for web servers, language runtimes, package managers, mail software, VPNs, databases, and countless command-line workflows. The 2014 Heartbleed vulnerability exposed how much internet infrastructure depended on a small maintenance team and led to governance, funding, and foundation changes around the project.
OpenSSL 3.0, released on September 7, 2021, was a major architectural and licensing reset. The migration guide highlights the switch from the dual OpenSSL/SSLeay licenses to Apache License 2.0, the provider model for algorithm implementations, FIPS provider support, and formal deprecation of many low-level cryptographic APIs in favor of high-level EVP APIs.
OpenSSL 3.0 became the compatibility anchor for the OpenSSL 3 generation because it preserved source compatibility for many 1.1.1 applications while requiring recompilation and, in some cases, API migration. Distributions and package managers adopted it as the route from OpenSSL 1.1.1 into the provider-based OpenSSL architecture.
Homebrew's `openssl@3.0` is keg-only and versioned, which matters for build reproducibility: a formula can link to the 3.0 branch without being silently moved to newer OpenSSL 3 minor releases. The cited Homebrew page lists a 2026-09-07 deprecation date and stable version 3.0.21.
Developers use OpenSSL 3.0 through C APIs in libssl/libcrypto, through language bindings that wrap those libraries, and through the `openssl` CLI for certificates, keys, CSRs, testing TLS endpoints, hashing, signing, and format conversion. The 3.0 branch adds provider configuration and FIPS-module choices to those familiar workflows.
Packagers use `openssl@3.0` when an application has been certified, tested, or constrained against the 3.0 line. The branch is less about new features and more about maintaining predictable OpenSSL 3 behavior while security fixes continue for that line.
OpenSSL 3.0 is a packaging landmark because it changed more than a version number. The provider architecture, FIPS integration, license switch, and low-level API deprecations affected build flags, downstream patches, runtime configuration paths, and compatibility promises across huge dependency graphs.
The `openssl@3.0` formula is package-manager archaeology in action: even after newer OpenSSL 3 branches exist, the old branch remains packaged because TLS libraries are sticky dependencies and some consumers need exact branch semantics.
security posture
No matching local secret-handling manifest was found for openssl@3.0. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
openssl.cnfexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
| No executable data was present. | |||
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/openssl/openssl
install metadata
| Package key | brew:openssl@3.0 |
|---|---|
| Version | 3.0.21 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/openssl@3.0 |
| Homepage | https://openssl-library.org |
| Repository | https://github.com/openssl/openssl |
| Upstream docs | https://docs.openssl.org/3.0 |
| License | Apache-2.0 |
| Source archive | https://github.com/openssl/openssl/releases/download/openssl-3.0.21/openssl-3.0.21.tar.gz |
| Last updated | 2026-07-06T03:08:48Z |
| Pulse | updated |
| Dependencies | ca-certificates |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
| Caveats | A CA file has been bootstrapped using certificates from the system keychain. To add additional certificates, place .pem files in $HOMEBREW_PREFIX/etc/openssl@3.0/certs and run $HOMEBREW_PREFIX/opt/openssl@3.0/bin/c_rehash |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | openssl@3.0 |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | yes |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
libssl-dev 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - development files
sudo apt install libssl-devlibssl-doc 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - development documentation
sudo apt install libssl-doclibssl3t64 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - shared libraries
sudo apt install libssl3t64openssl 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install opensslopenssl-provider-fips 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install openssl-provider-fipsopenssl-provider-legacy 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install openssl-provider-legacyopenssl
nix profile install nixpkgs#openssllibssl-dev 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - development files
sudo apt install libssl-devlibssl-doc 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - development documentation
sudo apt install libssl-doclibssl3t64 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - shared libraries
sudo apt install libssl3t64openssl 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install openssllibcrypto3 3.5.7-r0
Crypto library from openssl
sudo apk add libcrypto3libssl3 3.5.7-r0
SSL shared libraries
sudo apk add libssl3openssl 3.5.7-r0
Toolkit for Transport Layer Security (TLS)
sudo apk add opensslopenssl-dbg 3.5.7-r0
Toolkit for Transport Layer Security (TLS) (debug symbols)
sudo apk add openssl-dbgopenssl-dev 3.5.7-r0
Toolkit for Transport Layer Security (TLS) (development files)
sudo apk add openssl-devsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.