back to article OpenSSL 1.1.1 reaches end of life for all but the well-heeled

OpenSSL 1.1.1 has reached the end of its life, making a move to a later version essential for all, bar those with extremely deep pockets. OpenSSL 1.1.1 was originally released in 2018 as a Long Term Support (LTS) version of the open-source secure communication library. At the time, the team behind it declared that it would be …

  1. Anonymous Coward
    Anonymous Coward

    It's been a few years since I've had to look at this, but back then the major impediment to upgrading to a newer release was that 3.0 didn't have a FIPS 140 certified version. That should have been addressed by now.

    1. CommonTater

      OpenSSL 3 snuck in under the wire for FIPS 140-2. 3.1 is intended to bring 140-3, but I haven’t been tracking that closely.

      If you migrated from 1.0 to 1.1, the migration from 1.1 to 3.0 is much easier.

  2. Anonymous Coward
    Anonymous Coward

    The most recent Citrix VPN client for Linux still only works with the 1.1.1, so the only way I can connect to my university employers' VPN is by using an outdated security library on an unsupported version of Linux. Nice work, IT guys.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like