Author Topic: OpenSSL Toolkit  (Read 61 times)

0 Members and 1 Guest are viewing this topic.

Offline Mike Stefanik

  • Full Member
  • ***
  • Posts: 126
    • Catalyst Development
OpenSSL Toolkit
« on: January 09, 2019, 12:04:45 AM »
If you're interested in a Windows build for the OpenSSL command-line tool that has no external dependencies (including no dependency on the Visual C runtime), we've made one available. I also posted this over on the PowerBASIC forums, but I figured some other folks here might find it useful. This is primarily for the benefit of folks who are using SocketTools to build server applications, and they want to create test certificates. We have an article that discusses how to create a self-signed server certificate using Microsoft's MakeCert tool, however it has the limitation that it won't create certificates with the v3 extensions like alternative subject names.

The installer packages include the latest stable release of OpenSSL, version 1.1.1a from 20 Nov 2018. We'll update it as new versions are released and they'll only be compiled from the stable branch, so there won't be any test builds. There's two versions of the install packages available, which can be used with Windows XP and later:

This is a complete install (about 22MB) that includes static link libraries and include files (for Visual C) and documentation. The docs for OpenSSL are released as HTML versions of the UNIX man pages, so we've included those and combined them into a single Compile Help File (CHM) format as well. By default, it will install under C:\Program Files (x86)\OpenSSL and the configuration files into C:\ProgramData\OpenSSL. The actual folder locations can vary depending on platform.

This is a minimal install package (about 3MB) that only includes the OpenSSL tool and its configuration files. There's no shortcuts created, and no libraries, include files or documentation.

If you are using SocketTools and want to create a "localhost" test certificate, we also have an OpenSSL configuration file and script that will create a test root certificate and localhost certificate without worrying about the various arcane commands that you need to use (trust me, that can be a whole adventure all on its own). You can download it from here:

There's a readme.txt file that explains what you'll need to do. The script presumes that you're using a 64-bit Windows 7 or later system and its installed in C:\Program Files (x86)\OpenSSL. If you're using 32-bit Windows, or you've installed OpenSSL somewhere other than the default location, edit the script to provide the right location.

Just a quick final note, while we're providing this for use with SocketTools, you don't need a SocketTools license to use it. It's freely available software that we're making available as a convenience for developers using our components. SocketTools itself doesn't actually use OpenSSL, it uses the CrytpoAPI and Schannel SSP that's part of Windows. However, the OpenSSL tool can be handy to have if you need to generate your own certificates, and to test secure connections. We can't provide technical support for OpenSSL of course, but if you run into any problems with the installation, just let me know.
Mike Stefanik