macOS
brew install openssl@4local Homebrew formula metadata
sudo port install opensslMacPorts ports tree · devel/openssl/Portfile · source: api.github.com
brew
Cryptography and SSL/TLS Toolkit. Version 4.0.1 via Homebrew; verified 2026-07-04.
install
brew install openssl@4local Homebrew formula metadata
sudo port install opensslMacPorts ports tree · devel/openssl/Portfile · source: api.github.com
sudo apk add libcrypto3Alpine Linux edge package indexes · libcrypto3 · source: dl-cdn.alpinelinux.org
sudo apt install libssl-devDebian stable package indexes · libssl-dev · source: deb.debian.org
sudo dnf install opensslFedora Rawhide package metadata · openssl · source: dl.fedoraproject.org
nix profile install nixpkgs#opensslnixpkgs package indexes · openssl · source: raw.githubusercontent.com
sudo pacman -S opensslArch Linux sync databases · openssl · source: geo.mirror.pkgbuild.com
sudo zypper install libopenssl-developenSUSE Tumbleweed package metadata · libopenssl-devel · source: download.opensuse.org
choco install opensslChocolatey community package catalog · openssl · source: community.chocolatey.org
scoop install main/opensslScoop official bucket manifest trees · bucket/openssl.json · source: api.github.com
winget install --id ShiningLight.OpenSSL.Dev -eWindows Package Manager source index · ShiningLight.OpenSSL.Dev · source: cdn.winget.microsoft.com
overview
Cryptography and SSL/TLS Toolkit
No executable aliases were found in the local package database.
history
OpenSSL is one of the foundational open-source cryptography and TLS toolkits: a C library, command-line utility, and provider of low-level primitives used by operating systems, language runtimes, servers, package managers, and embedded products. The Homebrew `openssl@4` formula tracks the 4.0 series, a feature-release branch announced by the OpenSSL project on April 14, 2026.
The OpenSSL codebase descends from SSLeay, the SSL implementation written by Eric A. Young and Tim J. Hudson in the 1990s. The OpenSSL project published its first release on December 23, 1998, after SSLeay development stopped, and it became the long-running community-maintained successor for SSL/TLS and general-purpose cryptographic APIs.
OpenSSL evolved from the pre-TLS web-security era into a toolkit spanning TLS protocol support, X.509 certificate handling, cryptographic algorithms, engines, command-line inspection tools, and compliance-oriented modules. OpenSSL 3.0 introduced the provider architecture, moving algorithm implementations behind loadable providers and making FIPS use a provider-based model. OpenSSL 4.0 continued that major-version lineage with feature and compatibility changes rather than an LTS promise.
OpenSSL became a default dependency because it solved two hard packaging problems at once: it supplied a portable TLS stack and a broad cryptographic library. Unix-like operating systems, web servers, mail servers, VPNs, database clients, programming language bindings, and package managers built around it, which made ABI transitions and security updates highly visible across distributions.
The project’s adoption history also includes hard lessons in security maintenance. Events such as the 2014 Heartbleed vulnerability changed how many organizations viewed OpenSSL patching, funding, audits, and dependency tracking. Later 3.x and 4.x branches are packaged with branch-specific formulas so developers can pin applications to a supported ABI and test migrations deliberately.
Developers use the `openssl` executable to generate keys and CSRs, inspect certificates, test TLS endpoints, convert key formats, create hashes and signatures, and debug trust-chain problems. Applications link against libssl and libcrypto for TLS sessions, certificate verification, envelope encryption, digests, random number generation, and public-key operations.
Package maintainers care about exactly which OpenSSL line is installed because headers, library names, provider configuration, FIPS behavior, and deprecated APIs can affect downstream builds. A versioned package such as `openssl@4` lets build scripts and CI select the 4.0 branch while older software remains on a 3.x or LTS branch.
For package nerds, OpenSSL is the dependency that makes dependency graphs feel real: a small ABI or policy change can ripple through language ecosystems, OS images, containers, and vendored binaries. The `@4` suffix is meaningful because it advertises a major cryptographic-runtime transition, not a cosmetic formula split.
security posture
No matching local secret-handling manifest was found for openssl@4. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
$OPENSSLDIR/openssl.cnfexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
| No executable data was present. | |||
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/openssl/openssl
install metadata
| Package key | brew:openssl@4 |
|---|---|
| Version | 4.0.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/openssl@4 |
| Homepage | https://openssl-library.org |
| Repository | https://github.com/openssl/openssl |
| Upstream docs | https://docs.openssl.org/4.0/man5/config |
| License | Apache-2.0 |
| Source archive | https://github.com/openssl/openssl/releases/download/openssl-4.0.1/openssl-4.0.1.tar.gz |
| Last updated | 2026-07-04T15:59:44-04:00 |
| Pulse | updated |
| Dependencies | ca-certificates |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
| Caveats | To add additional certificates, place .pem files in $HOMEBREW_PREFIX/etc/openssl@4/certs and run $HOMEBREW_PREFIX/opt/openssl@4/bin/c_rehash |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | openssl@4 |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | yes |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
libssl-dev 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - development files
sudo apt install libssl-devlibssl-doc 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - development documentation
sudo apt install libssl-doclibssl3t64 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - shared libraries
sudo apt install libssl3t64openssl 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install opensslopenssl-provider-fips 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install openssl-provider-fipsopenssl-provider-legacy 3.5.6-1~deb13u1
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install openssl-provider-legacyopenssl
nix profile install nixpkgs#openssllibssl-dev 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - development files
sudo apt install libssl-devlibssl-doc 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - development documentation
sudo apt install libssl-doclibssl3t64 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - shared libraries
sudo apt install libssl3t64openssl 3.0.13-0ubuntu3
Secure Sockets Layer toolkit - cryptographic utility
sudo apt install openssllibcrypto3 3.5.7-r0
Crypto library from openssl
sudo apk add libcrypto3libssl3 3.5.7-r0
SSL shared libraries
sudo apk add libssl3openssl 3.5.7-r0
Toolkit for Transport Layer Security (TLS)
sudo apk add opensslopenssl-dbg 3.5.7-r0
Toolkit for Transport Layer Security (TLS) (debug symbols)
sudo apk add openssl-dbgopenssl-dev 3.5.7-r0
Toolkit for Transport Layer Security (TLS) (development files)
sudo apk add openssl-devsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.