Following on from the recent announcement that OpenSSL 3.0 has been released, we have now also submitted our FIPS 140-2 validation report to NIST’s Cryptographic Module Validation Program (CMVP).
The currently recommended certificate chain as presented to Let’s Encrypt ACME clients when new certificates are issued contains an intermediate certificate (ISRG Root X1) that is signed by an old DST Root CA X3 certificate that expires on 2021-09-30. In some cases the OpenSSL 1.0.2 version will regard the certificates issued by the Let’s Encrypt CA as having an expired trust chain.
After 3 years of development work, 17 alpha releases, 2 beta releases, over 7,500 commits and contributions from over 350 different authors we have finally released OpenSSL 3.0! In addition to this there has been a large number of contributions from our users who have been actively working with the pre-release versions to test it, make sure it works in the real world and with a large array of different applications and reporting their results. I am also delighted to note that there has been a 94% increase in the amount of documentation that we have since OpenSSL 1.1.1 and an (adjusted) increase in the “lines of code” in our tests of 54%. There has never been a better demonstration of what an active and enthusiastic community we have than when you look at the statistics for the OpenSSL 3.0 development work. Thanks to everyone who has taken part - no matter how small that part was.
The OpenSSL Management Committee (OMC) and the OpenSSL Technical Committee (OTC) are glad to announce our first beta release of OpenSSL 3.0. We consider this to be a release candidate and as such encourage all OpenSSL users to build and test against this beta release and provide feedback.
The OpenSSL Management Committee (OMC) and the OpenSSL Technical Committee (OTC) are glad to announce the seventh alpha release of OpenSSL 3.0.
The OpenSSL Management Committee and the OpenSSL Technical Committee are glad to announce the fourth alpha release of OpenSSL 3.0.
The OpenSSL Management Committee and the OpenSSL Technical Committee are glad to announce the third alpha release of OpenSSL 3.0.
The OpenSSL Management Committee and the OpenSSL Technical Committee are glad to announce the second alpha release of OpenSSL 3.0.
We’re planning to extend who we prenotify of any future High and Critical security issues.
The OpenSSL Management Committee and the OpenSSL Technical Committee are glad to announce the first alpha release of OpenSSL 3.0.