- How to determine version of openssl library?
- 6 Answers 6
- How to Check the OpenSSL Version Number in Linux
- How to Check the OpenSSL Version Number in Linux
- 1: How to Check the OpenSSL Version Using openssl version Command in Linux
- 2: How to Check the OpenSSL Version Using apt show openssl Command in Linux
- 3: How to Check the OpenSSL Version Using openssl version -a Command in Linux
- Bottom Line
- About the author
- Zainab Rehman
- How to distinguish which version of OpenSSL is installed?
- How To Check/Find OpenSSL Version?
- Find OpenSSL Version
- Find OpenSSL Version via Apt/Deb Package Manager
- Find OpenSSL Version via Dnf/Rpm Package Manager
- Display All Information About OpenSSL
- How To Determine and Print OpenSSL Version?
- Check and Print OpenSSL Version
- Print OpenSSL Directory
- Print Detailed Version Information
How to determine version of openssl library?
I have a pre-built OpenSSL library (libssl.a and libcrypto.a) which are being used for my C++ application. I don’t know the version of the OpenSSL library. Is there any way to get the version number from these pre-built libraries?
6 Answers 6
There is a string inside the library containing the version details called SSLEAY_VERSION — it looks like:
You can find this from the binary library using strings and grep:
strings libcrypto.so | grep "^OpenSSL \S\+ 3\+ \S\+ 3\+"
Yes. It works with static libs. Which means you can find out the OpenSSL (or maybe any other lib) version, when you know that it was statically linked to the binary. Simply use the binary as the input for the strings command. Neat!
You can do this programatically by reading the following:
Basically, you will need to use the following functions:
@Naseef: The example is simply cout
Well the filtering may may not always work. You could do
strings libssl.so | grep "^OpenSSL" OpenSSLDie OpenSSL 1.0.2n 7 Dec 2017 strings libcrypto.so | grep "^OpenSSL" OpenSSLDie OpenSSL_add_all_ciphers OpenSSL_add_all_digests OpenSSL 1.0.2n 7 Dec 2017 OpenSSL HMAC method OpenSSL EC algorithm OpenSSL RSA method OpenSSL DSA method OpenSSL ECDSA method OpenSSL DH Method OpenSSL X9.42 DH method OpenSSL PKCS#3 DH method OpenSSL ECDH method OpenSSL 'dlfcn' shared library method OpenSSL default OpenSSL default user interface OpenSSL CMAC method
How to Check the OpenSSL Version Number in Linux
OpenSSL is a cross-platform utility that can be used to convert digital certificates to different formats, build own certificate authorities and find the private keys from certificates. OpenSSL is a cryptographic and SSL toolkit for those users who work on digital certificates, development of applications, software testing, and security testing. This utility contains the implementation of SSL and TLS protocols.
It is pre-installed in the popular Linux distributions. The OpenSSL version you implement can be found on the command line in Linux.
How to Check the OpenSSL Version Number in Linux
There are different commands for checking the OpenSSL version number in the Linux:
1: How to Check the OpenSSL Version Using openssl version Command in Linux
The following command allows you to check the version of the OpenSSL your device is using:
The output is easy to understand as it contains the version designation and date of its release. The output 3.0.2 have different meanings:
Major Version: The first number in the version information is major version like in my case it is 3
Minor Version: The second number is 0 minor version
Letter release: The last number is for bug fixing tracking the minor release
2: How to Check the OpenSSL Version Using apt show openssl Command in Linux
If the OpenSSL is installed in Linux through the APT package, you can check the version by using the package manager:
3: How to Check the OpenSSL Version Using openssl version -a Command in Linux
The following command will provide all the information related to the OpenSSL, you can use it while troubleshooting and finding the bugs:
By executing the above commands, you will get the following results:
- Version of OpenSSL
- Date when OpenSSL was built
- Platform for building the OpenSSL
- Cryptography options of the OpenSSL
- Installation directory of the OpenSSL
- Engine directory
Bottom Line
You can check the version number of OpenSSL on your Linux through the execution of the simple commands. You must know the interpretation of the output and how to use OpenSSL to improve the security of your server. The commands mentioned above can be used to check the version of the OpenSSL in Debian based Linux. If you are a Linux user the easiest way to find the version of OpenSSL is through the openssl version.
About the author
Zainab Rehman
I’m an author by profession. My interest in the internet world motivates me to write for Linux Hint and I’m here to share my knowledge with others.
How to distinguish which version of OpenSSL is installed?
Nginx’s error log shows some OpenSSL Handshake errors and while searching for the cause I found confusing outputs of what OpenSSL version is used.
Details: Debian Jessie 8.7 64 Bit # apt-cache policy openssl openssl: Installed: 1.0.1t-1+deb8u6 Candidate: 1.0.1t-1+deb8u6 Version table: 1.0.2k-1~bpo8+1 0 100 http://ftp.debian.org/debian/ jessie-backports/main amd64 Packages *** 1.0.1t-1+deb8u6 0 500 http://security.debian.org/ jessie/updates/main amd64 Packages 100 /var/lib/dpkg/status 1.0.1t-1+deb8u5 0 500 http://mirror.hetzner.de/debian/packages/ jessie/main amd64 Packages 500 http://http.debian.net/debian/ jessie/main amd64 Packages # apt-cache policy nginx nginx: Installed: 1.9.10-1~bpo8+4 Candidate: 1.10.3-1~bpo8+1 Version table: 1.10.3-1~bpo8+1 0 100 http://ftp.debian.org/debian/ jessie-backports/main amd64 Packages *** 1.9.10-1~bpo8+4 0 100 /var/lib/dpkg/status 1.6.2-5+deb8u4 0 500 http://mirror.hetzner.de/debian/packages/ jessie/main amd64 Packages 500 http://http.debian.net/debian/ jessie/main amd64 Packages 500 http://security.debian.org/ jessie/updates/main amd64 Packages # nginx -V nginx version: nginx/1.9.10 built with OpenSSL 1.0.2j 26 Sep 2016 (running with OpenSSL 1.0.2k 26 Jan 2017) # openssl version -a OpenSSL 1.0.1t 3 May 2016 (Library: OpenSSL 1.0.2k 26 Jan 2017)
How can nginx runs with openssl 1.0.2k and o penssl version -a says that the Library is OpenSSL 1.0.2k but apt-cache policy openssl says installed is 1.0.1t ? Could someone shed some light, please?
How To Check/Find OpenSSL Version?
The OpenSSL is an open-source library that provides cryptographic functions and implementations. OpenSSL is a defacto library for cryptography-related operations and is used by a lot of different applications. OpenSSL is provided as a library and application. OpenSSL provides functions and features like SSL/TLS, SHA1, Encryption, Decryption, AES, etc.
Find OpenSSL Version
The OpenSSL provides the version command which provides information about the version, built date, platform, compiler flags, OpenSSL directory, etc. This command can be directly used to print the version of the installed OpenSSL like below.
From the output, we can see that the version is “1.2.3f”. These numbers have different meanings which are like below.
- Major Version of this OpenSSL is 1 which is the first number in the version information.
- Minor version number is 2 which is the second number in the version information.
- Letter release is “3f” which is used for bug fixing and tracking very minor releases.
- The version information also provides the build date which shows the date when the OpenSSL is build from source code as binary.
Find OpenSSL Version via Apt/Deb Package Manager
If the OpenSSL is installed via the apt or deb package manager the version information can be displayed by using these package managers. Even the OpenSSL is not installed provided OpenSSL version can be listed.
Find OpenSSL Version via Dnf/Rpm Package Manager
If the OpenSSL is installed via the dnf or yum or rpm package manager the version information can be displayed by using these package managers. Even the OpenSSL is not installed provided OpenSSL version can be listed.
Display All Information About OpenSSL
The version command can be all information about the OpenSSL in a more detailed way. The -a option is provided to the version command which lists the version and other information.
- The “built on” the date when the OpenSSL command and library has built.
- The “platform” is the OpenSSL platform for built.
- The “options” is cryptoghay options like RC4, DES, Blowfish.
- The “compiler” is the built compiler options.
- The “OPENSSLDIR” is the OpenSSL installation directory.
- The “ENGINESDIR” is the engine directory.
- The “Seeding source” is the random number generator seeding source.
How To Determine and Print OpenSSL Version?
OpenSSL is very long running project which have passed a lot of versions. Newer versions provides more features, bug fixes and security patches. For example in year 2014 a serious security hole Heart Bleed discovered in OpenSSL versions and affected OpenSSL libraries are defined as versions.Following versions was vulnerable to Hear Bleed.
So version is important part of the OpenSSL library.
Check and Print OpenSSL Version
We will use version verb with the OpenSSL command like below.
Print OpenSSL Directory
We can print the OpenSSL directory with version -d option like below.
Print Detailed Version Information
We can print more detailed version information like following
- Built time
- Platform and Architecture like 32 bit or 64
- Options
- Compiler flags
We can see in detailed version info that which cryptographic extensions and libraries are enabled like `-DSHA512 which specifies SHA512 is enabled.