* You can find it at http://www.openssl.org
The main, source, distribution is at [1 ]. Openssl has shipped with most linux distros for several years now, *BSD also has it in the standard distributions. As a small side note: be aware that older distributions *may* have an 'export' grade version installed. Do not use those for anything you really want to keep secret.
There seem to be three windows versions:
[what tcl bindings exist?]
DKF: Be aware that using a PKI and SSL does not necessarily make your system secure. For security, remember to audit your code and platform carefully and regularly (e.g. port scanning) and use safe interpreters everywhere appropriate.
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.
OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.
I know cygwin has a version of openssl, which works enough to make good high level encryption certificates, and there is an ssh for instance, too, maybe even a secure X server for the Xfree86 Xwindows emulation on windows, though I don't remember having made that work. It can simply be downloaded and installed with the package, except it is not so easy to find ones way through all stuff by simply following a document. The man pages are there, though, it has genkey and such comands. I think there is a library, too.
TV (Mar 9 2004) For what it is worth, this is the outline script I followed for the certificates on the tclhttpd server I let run [5 ] , which uses the secure socket extension, and starts up easily once you feed it the right certs:
openssl genrsa -out skey.pem openssl req -new -nodes -out ./server.pem -key ./skey.pem openssl genrsa -out key1.pem openssl req -x509 -nodes -out ca.pem -key key1.pem -new openssl genrsa -out key2.pem openssl req -x509 -nodes -out s.pem -key key2.pem -new openssl ca -keyfile key1.pem -cert ca.pem -in s.pem
The subject came up on the chat, I didn't see anything like it. I run it on a recent cygwin having openssl.
News: Due to a vaguely threatening email from the author of another Windows OpenSSL distribution, we are currently unable to provide binaries. Sorry for the inconvenience--we hope to have the download available again soon. Failing that, we will provide a link to a suitable Windows alternative.