OpenSSL - Frequently Asked Questions
--------------------------------------
+* Which is the current version of OpenSSL?
* Where is the documentation?
* How can I contact the OpenSSL developers?
* Do I need patent licenses to use OpenSSL?
* Is OpenSSL thread-safe?
* Why do I get a "PRNG not seeded" error message?
+* Why does the linker complain about undefined symbols?
* Where can I get a compiled version of OpenSSL?
+* Which is the current version of OpenSSL?
+
+The current version is available from <URL: http://www.openssl.org>.
+OpenSSL 0.9.5 was released on February 28th, 2000.
+
+In addition to the current stable release, you can also access daily
+snapshots of the OpenSSL development version at <URL:
+ftp://ftp.openssl.org/snapshot/>, or get it by anonymous CVS access.
+
+
* Where is the documentation?
OpenSSL is a library that provides cryptographic functionality to
predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much
of this still applies to OpenSSL.
+There is some documentation about certificate extensions and PKCS#12
+in doc/openssl.txt
+
The original SSLeay documentation is included in OpenSSL as
-doc/ssleay.txt. It may be useful when none of the other ressources
+doc/ssleay.txt. It may be useful when none of the other resources
help, but please note that it reflects the obsolete version SSLeay
0.6.6.
* Is OpenSSL thread-safe?
-Yes. On Windows and many Unix systems, OpenSSL automatically uses the
-multi-threaded versions of the standard libraries. If your platform
-is not one of these, consult the INSTALL file.
+Yes (with limitations: an SSL connection may not concurrently be used
+by multiple threads). On Windows and many Unix systems, OpenSSL
+automatically uses the multi-threaded versions of the standard
+libraries. If your platform is not one of these, consult the INSTALL
+file.
Multi-threaded applications must provide two callback functions to
OpenSSL. This is described in the threads(3) manpage.
correctly. OpenSSL 0.9.5 makes the error visible by refusing to
perform potentially insecure encryption.
+Most components of the openssl command line tool try to use the
+file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
+for seeding the PRNG. If this file does not exist or is too short,
+the "PRNG not seeded" error message may occur.
+
+
+* Why does the linker complain about undefined symbols?
+
+Maybe the compilation was interrupted, and make doesn't notice that
+something is missing. Run "make clean; make".
+
+If you used ./Configure instead of ./config, make sure that you
+selected the right target. File formats may differ slightly between
+OS versions (for example sparcv8/sparcv9, or a.out/elf).
+
+In case you get errors about the following symbols, use the config
+option "no-asm", as described in INSTALL:
+
+ BF_cbc_encrypt, BF_decrypt, BF_encrypt, CAST_cbc_encrypt,
+ CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, RC5_32_decrypt,
+ RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words,
+ bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4,
+ bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3,
+ des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, des_encrypt3,
+ des_ncbc_encrypt, md5_block_asm_host_order, sha1_block_asm_data_order
+
+If none of these helps, you may want to try using the current snapshot.
+If the problem persists, please submit a bug report.
+
* Where can I get a compiled version of OpenSSL?
projects / openssl.git / blobdiff