How to install OpenSSL in windows 10?

Question

I have a question about how and what is the version of OpenSSl that I must install in Windows to later create certificates. Install a one version (openssl-1.0.2d-fips-2.0.10) found in SourceForge but it does not generate the files correctly. There is also the official website https://www.openssl.org, but I do not know how to install it and how, so that when it comes to generating the keys and .pem file, it works. Generate some environment variables that point to the folder where I unzipped the downloaded, I do not know if it is the correct way.

Answer 1

I also wanted to create OPEN SSL for Windows 10. An easy way to do it without running into a risk of installing unknown software from 3rd party websites and risking entries of viruses, is by using the openssl.exe that comes inside your Git for Windows installation. In my case, I found the open SSL in the following location of Git for Windows Installation.

C:\Program Files\Git\usr\bin\openssl.exe

If you also want instructions on how to use OPENSSL to generate and use Certificates, here is a write-up on my blog. The step by step instructions first explains how to use Microsoft Windows Default Tool and also OPEN SSL and explains the difference between them.

https://kaushikghosh12.blogspot.com/2016/08/self-signed-certificates-with-microsoft.html

Answer 2

If you have chocolatey installed you can install openssl via a single command i.e.

choco install openssl

Answer 3

In case you have Git installed,

you can open the Git Bash (shift pressed + right click in the folder -> Git Bash Here) and use openssl command right in the Bash

Answer 4

Do you have Git installed?
You can access openssl command from Git Bash without adding any environment variable.

But, if you want to access the openssl command from Windows cmd, then follow me:

1. Find the path of the bin directory of Git. Normally it is at

C:\Program Files\Git\usr\bin\

2. Then add the path your environment variable (User variables -> Path):

3. 

4. Now open a new command prompt (don't use an already opened cmd, because the already opened cmd doesn't know the new environment variable).

Now write:

openssl

Answer 5

Either set the openssl present in Git as your default openssl and include that into your path in environmental variables (quick way)

OR

1. Install the system-specific openssl from this link.
2. set the following variable : set OPENSSL_CONF=LOCATION_OF_SSL_INSTALL\bin\openssl.cfg
3. Update the path : set Path=...Other Values here...;LOCATION_OF_SSL_INSTALL\bin

Answer 6

Necroposting, but might be useful for others:

• There's always the official page ([OpenSSL.Wiki]: Binaries) which contains useful URLs (pointing to unofficial resources / builds, make sure to read the Important Disclaimer)

• There are other repositories which contain unofficial builds

  • Here I want to mention: [GitHub]: CristiFati/Prebuilt-Binaries - Prebuilt-Binaries/OpenSSL

    • FIPS considerations:

      • v1.0.2u (FIPS capable) is built with OpenSSL-FIPS 2.0.16

      • v3.* also include a FIPS provider (check instructions on how to enable it - e.g. for Nix: [SO]: OpenSSL 3.0.8: FIPS functionality not working with libcrypto library in custom path)

    • Artefacts are .zips that should (typically) be unpacked in:

      • Win: C:\Program Files (C:\Program Files (x86))

      • Nix: /usr/local

      Please take a look at the Readme.md file (and also at the one at the repository root)

• Other (3^rd-party) software may bundle OpenSSL, so it gets "installed" as a side effect. Such software (mentioned by other answers): Conan, Cygwin, Git, MSYS2, VCPkg, WSL (well, this is not actually Win)

• And of course, you can build it yourself from sources, but that requires a little bit deeper knowledge ([GitHub]: openssl/openssl - (master) openssl/NOTES-WINDOWS.md)

Note: when having a functional OpenSSL instance (using whatever method above), here's how you can use it (if you need it into your own projects) from VStudio: [SO]: How to include OpenSSL in Visual Studio (@CristiFati's answer).

Answer 7

I recently needed to document how to get a version of it installed, so I've copied my steps here, as the other answers were using different sources from what I recommend, which is Cygwin. I like Cygwin because it is well maintained and provides a wealth of other utilities for Windows. Cygwin also allows you to easily update the versions as needed when vulnerabilities are fixed. Please update your version of OpenSSL often!

Open a Windows Command prompt and check to see if you have OpenSSL installed by entering: openssl version

If you get an error message that the command is NOT recognized, then install OpenSSL by referring to Cygwin following the summary steps below:

Basically, download and run the Cygwin Windows Setup App to install and to update as needed the OpenSSL application:

1. Select an install directory, such as C:\cygwin64. Choose a download mirror such as: http://mirror.cs.vt.edu
2. Enter in openssl into the search and select it. You can also select/un-select other items of interest at this time. The click Next twice then click Finish.
3. After installing, you need to edit the PATH variable. On Windows, you can access the System Control Center by pressing Windows Key + Pause. In the System window, click Advanced System Settings → Advanced (tab) → Environment Variables. For Windows 10, a quick access is to enter "Edit the system environment variables" in the Start Search of Windows and click the button "Environment Variables". Change the PATH variable (double-click on it or Select and Edit), and add the path where your Cywgwin is, e.g. C:\cygwin\bin.
4. Verify you have it installed via a new Command Prompt window: openssl version. For example: C:\Program Files\mosquitto>openssl versionOpenSSL 1.1.1f 31 Mar 2020
   • If not, refer to the Cygwin documentation and also other tutorials such as: https://www.eclipse.org/4diac/documentation/html/installation/cygwin.html

Answer 8

Here's a solution that may delight those who have implemented WSL (Windows Subsystem for Linux). You can just use:

wsl openssl ...whatever_args...

The point is that many who've implemented WSL may not realize they can call upon ANY linux command (within their underlying WSL linux vm) right from the DOS or powershell command-line this way. (It's easy to fall into thinking the point of WSL is to use it to "shell into the vm", which is indeed an option, but the power to just run linux commands from Windows is a real value-add of WSL.)

And to be clear, in doing the command as above, whatever file names or folders you may point to (or create) will be relative to the Windows folder from which you run the command. So doing for example, openssl req to create a self-signed cert, where you may name -keyout selfsigned.key -out selfsigned.crt, those two files will be created in the Windows folder where you ran the command.

That said, there are ways this could fall down for some openssl command examples one may find, such as if they tried to use various bash-specific arguments, in which case "shelling into wsl" to run the command may well be the better choice. You could still direct things to be found or placed on the host, but I don't mean this answer to become overly-focused on such WSL aspects. I just wanted to propose it as another alternative to installing openssl.

Answer 9

If you are running Windows 10 1709 (build 16299) or later versions, you can use winget command below to install OpenSSL

winget install -e --id ShiningLight.OpenSSL

Or if you have Git for Windows installed on your system, you can also find OpenSSL in Git file directory.

C:\Program Files\Git\usr\bin\openssl.exe

For more details, check this guide 3 Methods on How to Install OpenSSL on Windows.

Answer 10

I installed openssl 3.0.0 from https://slproweb.com/products/Win32OpenSSL.html. then I go to windows start ->openssl->Win64 OpenSSL Command Prompt, it opens a window like regular dos window, all I need is to go to the installation folder of openssl.

Answer 11

Open your

Git Bash

Move to your directory if required.

Run your command. eg.

openssl 

Answer 12

Install scoop then type

scoop install openssl

Answer 13

If you are working on Windows, simply install Git and add Git's bin folder to your system's path by using the following location: C:\Program Files\Git\usr\bin\

1. Edit environment Variables
2. Edit Path
3. Add Git's bin path

Then, just restart your terminal and try again.

Answer 14

Check openssl tool which is a collection of Openssl from the LibreSSL project and Cygwin libraries (2.5 MB). NB! We're the packager.

One liner to create a self signed certificate:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout selfsigned.key -out selfsigned.crt

Answer 15

install gitbash and then you can directly use OpenSSL

Answer 16

Just install the latest version with a simple Installer Script :

if (!(Get-Command -Name Install-OpenSSL -Type ExternalScript -ErrorAction Ignore)) { Install-Script -Name Install-OpenSSL -Repository PSGallery -Scope CurrentUser }
Install-OpenSSL

The script is cross-platform and If you have git's openssl, it will add that to $Env:Path. ie: It won't install another one unless you -Force it to.

I hope this helps :)

Answer 17

you can get it from here https://slproweb.com/products/Win32OpenSSL.html

Supported and reqognized by https://wiki.openssl.org/index.php/Binaries