Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
OpenSSL is an open source tool for using the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols for Web authentication.
OpenSSL offers cryptographic functions to support SSL/TLS protocols. In SSL security, websites use digital certificates to prove their legitimacy.
OpenSSL is written in the C programming language and relies on different ciphers and algorithms to provide encryption. The product is dual licensed under an Apache license and a Berkeley Software Distribution license.
Various successive versions of OpenSSL have been developed since 1998, when the product was first unveiled. The most recent set of OpenSSL versions including 1.0.1 through 1.0.1f involve a dramatic security flaw discovered in April of 2014. The vulnerability relates to a feature called TLS heartbeat extension, where a bug can release up to 64 kB of memory -- the vulnerability has been termed the 'Heartbleed bug’ and has been estimated to affect at least half a million secure web servers on the Internet.
A current version of OpenSSL in use, version 1.0.1G, has been modified to fix the Heartbleed bug.