How to Check the OpenSSL Version Number

Introduction

Want to learn what version of OpenSSL you have?

OpenSSL is an open-source cryptographic library and SSL toolkit. The applications contained in the library help create a secure communication environment for computer networks.

OpenSSL contains an implementation of SSL and TLS protocols, meaning that most servers and HTTPS websites use its resources.

In this tutorial, learn how to find the OpenSSL version with a single command.

Prerequisites

  • A command-line/terminal window.
  • OpenSSL installed on your system.

OpenSSL Version Command

The openssl version command allows you to determine the version your system is currently using. This information is useful if you want to find out if a particular feature is available, verify whether a security threat affects your system, or perhaps report a bug. Type in:

openssl version

The resulting data will consist of the OpenSSL version designation and the date of its initial release.

The output is clear and easy to understand. We can break down the version format to get valuable insight. Additionally, using flags can help structure the data.

OpenSSL Releases

The format of the version provides a lot of information. The position of the numbers represent the release type:

  • Major Releases – You can recognize a major release if one or both of the first two digits change. This type of release can break compatibility with previous versions. For example: 1.1.0g vs. 1.2.0
  • Minor Releases – A minor release changes the last number of the version designation, e.g., 1.1.0 vs. 1.1.1. These releases are likely to contain new features; however, they should not break binary compatibility. You do not need to recompile applications to benefit from them.
  • Letter Releases – The release designation in our example 1.1.0g contains bug and security fixes exclusively. No new features were added.

Note: The next planned version of OpenSSL is 3.0.0. Once the new version is released, the versioning scheme is going to change to a more contemporary format: MAJOR.MINOR.PATCH


OpenSSL Flags

By using a general flag –help we can see an overview of all valid options for openssl version.

openssl version –help

There are eight (8) valid options that allow you to narrow your search. The option that provides the most comprehensive set of information is:

openssl version –a

This command compiles all the information contained under the individual flags into a single output.

This option is convenient, especially when troubleshooting or composing a bug report.

The OPENSSLDIR line is especially interesting, as it will tell you where OpenSSL will look for its configurations and certificates. You can print out that specific line by using the following command:

openssl version -d

In this example, the configuration files and certificates are located at /usr/lib/ssl

Conclusion

Now you have learned how to check the OpenSSL version.

You should now understand how to interpret that data. And how it can be used to improve server security, troubleshoot or submit a bug request.

The flags presented in the article provided you with the necessary tools to help you make an informed decision and administer your system effectively.

Vladimir Kaplarevic
Vladimir is a resident Tech Writer at phoenixNAP. He has more than 7 years of experience in implementing e-commerce and online payment solutions with various global IT services providers. His articles aim to instill a passion for innovative technologies in others by providing practical advice and using an engaging writing style.
Next you should read
OpenSSL Tutorial: How Do SSL Certificates, Private Keys, & CSRs Work?
September 11, 2018

Initially developed by Netscape in 1994 to support the internet's e-commerce capabilities, Secure Socket...
Read more
How to Generate a Certificate Signing Request (CSR) With OpenSSL
May 22, 2019

A Certificate Signing Request (CSR) is the first step in setting up an SSL Certificate on your website. An...
Read more
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH
May 20, 2019

Are you running into the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error? This error happens in a user's browser...
Read more
How To Install SSL Certificate on Apache for CentOS 7
September 15, 2019

Learn how to obtain and install SSL Certificates on Apache CentOS 7. The article explains how to use an...
Read more
  • © 2021 Copyright phoenixNAP | Global IT Services. All Rights Reserved.