Installing OpenSSL on Windows 10 and updating PATH
I recently discovered a convoluted way to build an iOS .ipa package without using a MacBook. It involves many steps, one of which is using OpenSSL for Windows. Instead of creating one huge blog post with all steps defined in detail, I decided to split them up in bite-size articles. This is one of them. Here I will teach you to do the following:
- Install OpenSSL
- Add OpenSSL to your PATH
Install OpenSSL
This step is a simple one. Simply choose the version that applies to your PC from here. As example, I chose the Win64 OpenSSL v1.1.1g MSI (not the light version) from the table:
Run the EXE or MSI with default settings till completion and that should take care of installing OpenSSL!
Add OpenSSL to your PATH
Why do we want to do this? First off, it’s not a necessity, it just makes it more convenient to use OpenSSL from the command line in the directory of your choice. After the initial install, the openssl.exe is only available from the directory where it resides, namely:
You could open a command prompt from here and perform the operations you want, but as I am using this to create a Certificate Signing Request (CSR) for a specific purpose, I like to create that from the directory where I’d like to keep that CSR. To do that, lets add it to our PATH, which we can find in the Environment Variables. Here we go:
- Hit the Windows button on your keyboard or click it in the task bar, then search for “Environment Variables”.
- In the following screen, click “Environment Variables”.
- A screen will pop up showing User variables and System variables. In the User variables section, select Path and click Edit.
- Click on Browse.
- Go to where the openssl.exe is, which should be at “This PC > Windows (C:) > Program Files > OpenSSL — Win64 > bin” and select that folder. Click OK.
- You should see it added at the top. Make sure to click OK on this screen and the subsequent screens.
- Let’s verify that OpenSSL is now accessible from outside its own directory by opening a Command Prompt in an arbitrary location (I just opened the Command Prompt and left it at its default directory). Enter openssl version and see the result.
Important note: if you already had a command prompt open, you will need to close and reopen in order for this to work. Michael Galloway thank you for this remark!
And that’s it! You should now be able to use OpenSSL from the directory you desire.
How to Installing OpenSSL on Windows 10, 11
OpenSSL is a single-system image clustering system that is open-source. It allows a group of computers to be viewed as a single colossal system, giving programs running on any one machine access to all of the cluster’s resources. [It is the culmination of a long development process that began with the development of LOCUS in the early 1980s.
OpenSSL allows a group of separate computers (nodes) to be regarded as one massive system. Processes running on any node have full access to all node resources.
Functionalities can be automatically transferred from node to node to balance system utilization. Alternatively, the cluster might be set up so that each node has direct access to the file system.
Step 1 Download OpenSSL Binaries
In our article, we are downloading
Step 2 Unpack OpenSSL Zip files
Unpack the content of (openssl-1.0.2j-fips-x86_64.zip) zip file into your desired location in our example we are using (D:\OpenSSL) folder
This comes with three folders (bin, include & lib) as shown in the image
Step 3: Set OpenSSL Path in Windows path
We have extracted OpenSSL files in directory D:\OpenSSL\bin
So our OpenSSL path is D:\OpenSSL\bin
Open explorer and right-mouse click on This PC icon as shown in the image
Under System About window click on the Advanced system settings button
Under the System Property window click on the Environment Variables button
Under the Advanced Environment window select Path and then click on the Edit button
Under the Environment Variable window click on the New button
Paste the path of OpenSSL (D:\OpenSSL\bin) and click the OK button
Step 4: Set System Variable for OPENSSL_CONF
Now to set system variable for OPENSSL_CONF
Click on the New button under the System Variable window
Now add system variable values as given, the path to your openssl.conf file location as shown below, and click on the OK button
Name: OPENSSL_CONF
Value: D:\OpenSSL\bin\openssl.cnf
Now you can see that the system variable is set
For window 10 and 11 you don’t have to restart your system to effect changes, else you need to restart the system
Step5: Test OpenSSL
To test OpenSSL installed properly open the terminal and check the OpenSSL version
If it displays the OpenSSL version then OpenSSL is installed properly.
Important Commands for Open SSL
Creating a Private Key
Private Key is very important it is required for all operations in SSL, this Private key is required to create a CSR file.
It will ask for the password, please keep the password in a safe place because it is required in many places.
1. Create CSR Creating a Certificate Signing Request
CSR file is required to generate an SSL certificate.
This CSR file contains information about the certificate and private key
Information required by CSR:
Enter pass phrase for mydomain-com.key:
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Haryana
Locality Name (eg, city) []:Gurgaon
Organization Name (eg, company) [Internet Widgits Pty Ltd]:myDomain
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:www.mydomain.com
Email Address []:contact@mydomain.com
Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Important: Common Name is the Fully Qualified Domain Name for which you want an SSL certificate.
This CSR file is used by different SSL certificate companies to generate SSL Certificate
Generate Private key and CSR with Single command.
Creating a Self-Signed Certificate
A self-Signed Certificate is an SSL certificate is generated by using your own private key, it is not used for commercial purposes because it shows a warning that says the certificate is not trusted.
So self-signed certificate can be used for development and testing purposes.
Convert CRT file to PFX file
The .pfx file is required to install an SSL certificate in the windows system, this file contains Private Key and SSL certificate.
Tutorial: OpenSSL provision on Windows 10 and Windows 11
OpenSSL was previously reserved for Linux operating systems or had to be compiled from the source code itself under Mac and Windows. With Win32/Win64 OpenSSL, the open source software library can also be run on 32-bit and 64-bit Windows OS (x86/i386) and can be integrated on Windows machines via installer.
OpenSSL is widely used and found by encryption in numerous application and secure connections, as well as for SSL/TLS connections HTTPS, including cryptography in SSH, OpenVPN and DNSSEC.
The Win32/Win64 OpenSSL installation project from Shining Light Productions (slproweb.com) carrying the ease of deployment of OpenSSL for Microsoft Windows. The installation consists of downloading and unpacking the binaries, which eliminates the need to compile source code.
Installation
This tutorial shows two methods to deploy OpenSSL on Windows 10 and Windows 11. The simple method right at the beginning, by running Windows Package Manager with hit the Windows-logo + R keys and enter cmd in the Run box then click OK, or press and hit cmd then click the command prompt icon.
Click Start
and hit cmd
In the now opened command prompt ran the following command, if you are not authorized as administrator with the logged in user, you can select “Run as administrator”.
The Windows package manager “winget” allows you to install applications and other packages by using the command line. If winget is started for the first time, you will be prompted to confirm the source agreement terms, by hit the Y key.
The OpenSSL package is now installed. The second method is to download and install the package. The table (screenshot) on the slproweb.com website contains the versions for Win32 and Win64 OpenSSL as EXE and MSI installers.
Website: https://slproweb.com/products/Win32OpenSSL.html
Recommended here is the latest version with the most commonly used essentials of Win64 OpenSSL v3.0.7, at the time of writing this article, it is Win64 OpenSSL v3.0.7 EXE Light, at the top of the first line.
Double-click to execute the file Win64OpenSSL_Light-3_0_7.exe will the setup wizard appears. Confirm the Windows Account Control (UAC) with Yes to continue the installation.
The setup wizard unpacks and copies the OpenSSL files.
After the OpenSSL files are copied and installed, the search path and environment variable are now added to the operating system, with + R and paste SYSTEMPROPERTIESADVANCED and click OK.
The System Properties window opens.
Click the Environment Variables button at the bottom.
In the lower area System Variables, select the Path line with the mouse and click on the Edit button.
In the “Edit Environment Variables” window, click New to add the path to the OpenSSL-Win64\bin folder under Program files. The path in which the file openssl.exe is located can be found with Windows Explorer and copied to the clipboard, there is also the possibility to choose the path to the bin folder with the Browse button. Confirm the action with OK.
Now add another system variable with click New.
Enter OPENSSL_CONF in the Variable name field. In the next field insert the path to which the file openssl.cnf is located, here it is C:\Program Files\OpenSSL-Win64\bin\cnf\openssl.cnf
The installation is now complete and OpenSSL can be used. First of all, there is the opportunity to check the OpenSSL provisioned release.
The OpenSSL Toolkit is a versatile utility with many options, but under Windows there is not the possibility of using the man page, as is known on Linux. However, the openssl help command provides context-sensitive help, such as openssl help s_client or use openssl help x509 or openssl help req to show just a few examples. Help is also offered on the documentation pages on the web, where manpages can also be found.
Useful OpenSSL Examples
A few of the most commonly used openssl command examples in the console are shown below, note that this is not a comprehensive collection of all possible applicable commands of this powerful open source toolkit.
Displaying and print the ca-cert.pem certificate file in plain text.
View and verify the contents of CSR x509-check.csr in plain text.
Verify key consistency of the rootCA.key file.
Check md5 checksum of certificate ca-cert.pem file.
Convert certificate from pem to p7b format and write to temp folder.
Convert certificate rootCA.pem to PKCS12 format as rootCA.p12 file.
Generate SSL certificate and key on a single line, using SHA256 with RSA 2048 encryption, the certificate will be valid for 1 year.
Check connection to imap.gmail.com service 993 to get more useful results like than as in telnet.
Try to connect service 587 on smtp.gmail.com using the starttls protocol, possibly to check a firewall policy for its effect.
Check protocol version and ciphersuite, peer certificate and hash used.
Generate a random password in base64 using OpenSSL, can be used as a passphrase to hide private keys from spying eyes.
These were just a few examples, because openssl is a versatile toolkit that offers numerous application options.
Conclusion
The OpenSSL open-source library for cryptography is more important than ever and indispensable. Connections are encrypted and protected, so why shouldn’t the OpenSSL Toolkit be used on Windows? Creating and managing Digital X. 509 certificates, check algorithms for data encryption such as Chiper Suite, digital fingerprint, MD5 and SHA hash values can be checked, which was previously reserved only for Linux.
Как установить openssl на windows 10
OpenSSL is a small but powerful open source cross-platform utility, which can be used in various digital PKI certificate activities. OpenSSL can be used to convert the digital certificates from one to another format, export private keys from certificates, and build your own Certificate Authority. However, OpenSSL is included in basic packages in most of the popular Linux distributions. It is not required to install the OpenSSL on Linux. Well, the story is not similar in the case of the Windows platform. Don’t be disappointed, since OpenSSL is a cross-platform utility that supports Windows, Linux, and mac. You can install OpenSSL on the Windows platform just with few clicks.
Table of Contents
Why Should You Install OpenSSL On Windows?
First of all, OpenSSL is not for normal users. It is not mandatory to install OpenSSL on the Windows platform. As we said earlier, OpenSSL is a cryptographic SSL/TLS tool kit, which provides a wide range of solutions for those who work on Digital Certificates, SSL/TLS testing, application development or implementation, application testing, and security testing. There are a lot of things you can do using OpenSSL. Only a few of them are listed here:
- You can create your own Certificate Authority and issue certificates on your network.
- Convert digital certificates from one to another format.
- Export or Import private keys from the certificates.
- Validate the HTTPS connections to the destination website.
- Verify the certificate of the destination website.
- Run benchmark tests of your server and remote website.
- Extract information like issuer, subject, issued and expiring dates, and fingerprint from certificates.
- Create CSR.
- Decode CSR and Certificates to verify contents.
You can enjoy the features of OpenSSL if you have installed it on your Windows machine.
Let’s begin the procedure to install OpenSSL on the Windows platform.
How To Install OpenSSL On The Windows Platform?
The installation procedure is very simple and straight. You should download the OpenSSL installer, run it to install, and configure Environment variables.
Time needed: 10 minutes.
How to Install OpenSSL on The Windows Platform?
-
Download the OpenSSL installer
Download the OpenSSL installer from the official OpenSSL download link: https://slproweb.com/products/Win32OpenSSL.html
Execute the downloaded installer file and install the OpenSSL on the Windows machine.
The installation procedure is quite simple and straight.
1. Accept license agreement.
2. Specify the Installation location.
Set Start Menu location and the additional task then click on the Install button to initiate the OpenSSL installation.
The installation will take 5 to 10 seconds. Click Finish to complete the installation process.
If you just want to set the environment varibles only for a login session, then run these commands.
>set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin\openssl.cfg
>set Path= C:\Program Files\OpenSSL-Win64\bin
If you want to set the env variable for permanently, then add OPENSSL_CONF and Path env variable on System Properties.
Open Run using ‘Windows’ + ‘r’ then type ‘sysdm.cpl‘. Go to Advanced > Environment Variable.
Set OPENSSL_CONF and Path variables.
Open the command prompt using ‘Windows’ + ‘r’ then type ‘cmd‘ to open command prompt.
Type openssl version command on CLI to ensure OpenSSL is installed and configured on your Windows machine. You should see the version information if OpenSSL is configured correctly.
Thats’s it. This is how you can install OpenSSL on the Windows platform. Simple itn’t it?
Thanks for reading the small tutorial. Please follow us on this blog to see more such tutorials and security updates.
Frequently Asked Questions:
OpenSSL is an open-source software library that provides cryptographic functionality and implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It is widely used to secure communications over computer networks and to create, manage, and verify digital certificates.
Installing OpenSSL on your Windows computer allows you to perform various cryptographic operations, such as generating public and private keys, creating Certificate Signing Requests (CSRs), and managing SSL/TLS certificates. It is particularly useful for developers, system administrators, and cybersecurity professionals.
Yes, OpenSSL is available for various operating systems, including Linux, macOS, and BSD. The installation process may vary depending on the platform, but the overall concepts remain the same.
You can download precompiled OpenSSL binaries for Windows from a trusted third-party website, such as the Shining Light Productions’ Win32/Win64 OpenSSL Installer (https://slproweb.com/products/Win32OpenSSL.html). Make sure to download the appropriate version (32-bit or 64-bit) according to your Windows operating system.
To install OpenSSL on your Windows computer, follow these steps:
1, Download the OpenSSL installer from a trusted source.
2. Run the installer and follow the installation wizard.
3. During installation, choose a directory where OpenSSL will be installed (e.g., C:\OpenSSL).
4. Once the installation is complete, add the OpenSSL directory to your system’s PATH environment variable.
5. Verify the installation by opening a Command Prompt and entering openssl version . You should see the OpenSSL version number displayed.
To update OpenSSL on your Windows computer, download the latest version of the OpenSSL installer from a trusted source and run the installer. The new version will replace the existing installation. Make sure to update your system’s PATH environment variable if the installation directory has changed.