• Home
  • |
  • Blog
  • |
  • Step-By-Step Procedure To Install OpenSSL On The Windows Platform
Install OpenSSL on The Windows Platform

OpenSSL is a small but powerful open source cross-platform utility, which can be used in various digital PKI certificate activities. OpenSSL can be used to convert the digital certificates from one to another format, export private keys from certificates, and build your own Certificate Authority. However, OpenSSL is included in basic packages in most of the popular Linux distributions. It is not required to install the OpenSSL on Linux. Well, the story is not similar in the case of the Windows platform. Don’t be disappointed, since OpenSSL is a cross-platform utility that supports Windows, Linux, and mac. You can install OpenSSL on the Windows platform just with few clicks.

Why Should You Install OpenSSL On Windows?

First of all, OpenSSL is not for normal users. It is not mandatory to install OpenSSL on the Windows platform. As we said earlier, OpenSSL is a cryptographic SSL/TLS tool kit, which provides a wide range of solutions for those who work on Digital Certificates, SSL/TLS testing, application development or implementation, application testing, and security testing. There are a lot of things you can do using OpenSSL. Only a few of them are listed here:

  1. You can create your own Certificate Authority and issue certificates on your network. 
  2. Convert digital certificates from one to another format. 
  3. Export or Import private keys from the certificates.
  4. Validate the HTTPS connections to the destination website.
  5. Verify the certificate of the destination website.
  6. Run benchmark tests of your server and remote website.
  7. Extract information like issuer, subject, issued and expiring dates, and fingerprint from certificates.
  8. Create CSR.
  9. Decode CSR and Certificates to verify contents.

You can enjoy the features of OpenSSL if you have installed it on your Windows machine.
Let’s begin the procedure to install OpenSSL on the Windows platform.

How To Install OpenSSL On The Windows Platform?

The installation procedure is very simple and straight. You should download the OpenSSL installer, run it to install, and configure Environment variables.

Time needed: 10 minutes.

How to Install OpenSSL on The Windows Platform?

  1. Download the OpenSSL installer

    Download the OpenSSL installer from the official OpenSSL download link: https://slproweb.com/products/Win32OpenSSL.html


    Download the OpenSSL installer for Windows

  2. Run the OpenSSL installer to install

    Execute the downloaded installer file and install the OpenSSL on the Windows machine.

    The installation procedure is quite simple and straight.
    1. Accept license agreement.
    2. Specify the Installation location.


    Specify the Installation location

  3. Initiate installing OpenSSL

    Set Start Menu location and the additional task then click on the Install button to initiate the OpenSSL installation.


    Initiate installing OpenSSL

  4. Installation in progress…….



    Installation of OpenSSL in progress

  5. Complete the installation of OpenSSL.

    The installation will take 5 to 10 seconds. Click Finish to complete the installation process.


    Finish installing OpenSSL

  6. Set Environment variable

    If you just want to set the environment varibles only for a login session, then run these commands.

    >set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin\openssl.cfg
    >set Path=
    C:\Program Files\OpenSSL-Win64\bin

    If you want to set the env variable for permanently, then add OPENSSL_CONF and Path env variable on System Properties.

    Open Run using ‘Windows’ + ‘r’ then type ‘sysdm.cpl‘. Go to Advanced > Environment Variable.

    Set OPENSSL_CONF and Path variables.


    Environment Variables to run OpenSSL on Windows

  7. Run OpenSSL

    Open the command prompt using ‘Windows’ + ‘r’ then type ‘cmd‘ to open command prompt.

    Type openssl version command on CLI to ensure OpenSSL is installed and configured on your Windows machine. You should see the version information if OpenSSL is configured correctly.


    Run OpenSSL on Windows

See Also  Step-By-Step Procedure To Install Linux Mint Linux On VMWare Workstation

Thats’s it. This is how you can install OpenSSL on the Windows platform. Simple itn’t it?

Thanks for reading the small tutorial. Please follow us on this blog to see more such tutorials and security updates.

Frequently Asked Questions:

1. What is OpenSSL?

OpenSSL is an open-source software library that provides cryptographic functionality and implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It is widely used to secure communications over computer networks and to create, manage, and verify digital certificates.

2. Why should I install OpenSSL on my Windows computer?

Installing OpenSSL on your Windows computer allows you to perform various cryptographic operations, such as generating public and private keys, creating Certificate Signing Requests (CSRs), and managing SSL/TLS certificates. It is particularly useful for developers, system administrators, and cybersecurity professionals.

3. Can I install OpenSSL on other operating systems besides Windows?

Yes, OpenSSL is available for various operating systems, including Linux, macOS, and BSD. The installation process may vary depending on the platform, but the overall concepts remain the same.

4. How do I download OpenSSL for Windows?

You can download precompiled OpenSSL binaries for Windows from a trusted third-party website, such as the Shining Light Productions’ Win32/Win64 OpenSSL Installer (https://slproweb.com/products/Win32OpenSSL.html). Make sure to download the appropriate version (32-bit or 64-bit) according to your Windows operating system.

5. How do I install OpenSSL on my Windows computer?

To install OpenSSL on your Windows computer, follow these steps:
1, Download the OpenSSL installer from a trusted source.
2. Run the installer and follow the installation wizard.
3. During installation, choose a directory where OpenSSL will be installed (e.g., C:\OpenSSL).
4. Once the installation is complete, add the OpenSSL directory to your system’s PATH environment variable.
5. Verify the installation by opening a Command Prompt and entering openssl version. You should see the OpenSSL version number displayed.

6. How do I update OpenSSL on my Windows computer?

To update OpenSSL on your Windows computer, download the latest version of the OpenSSL installer from a trusted source and run the installer. The new version will replace the existing installation. Make sure to update your system’s PATH environment variable if the installation directory has changed.

8. How do I generate a self-signed SSL certificate using OpenSSL on Windows?

To generate a self-signed SSL certificate using OpenSSL on Windows, follow these steps:
1. Open a Command Prompt.
2. Navigate to the OpenSSL directory (e.g., C:\OpenSSL\bin).
3. Enter the following command to generate a private key:
openssl genrsa -out private_key.pem 2048
4. Enter the following command to create a self-signed SSL certificate:
openssl req -new -x509 -key private_key.pem -out certificate.pem -days 365
5. Fill in the required information when prompted.

9. Can I use OpenSSL to connect to a remote server using SSL/TLS?

Yes, you can use the openssl s_client command to connect to a remote server using SSL/TLS. For example, to connect to a secure website, you can enter the following command in a Command Prompt:
openssl s_client -connect example.com:443

10. How do I get help with OpenSSL commands on Windows?

To get help with OpenSSL commands on Windows, you can use the openssl help command in a Command Prompt. This will display a list of available commands and their brief descriptions. For more detailed information on a specific command, you can type openssl <command> -help, replacing <command> with the desired command. Additionally, you can refer to the official OpenSSL documentation (https://www.openssl.org/docs/) or seek assistance from online forums and communities.

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

  1. Need your help. Running Windows 2019 server. Have only one (1) IP.

    Have one Standard UCC SSL Certificate with four (4) Subject Alternative Names (SANs)

    How do I install this so that all sites have the SSL certificate installed? We have the primary site and 4 SANs sites.

    Thank you

    1. Generate a CSR on the primary server and get the Certificate issued. Install the issued Certificate on your primary server, and export the certificate in PFX (with the private key). Reuse the PFX certificates on the remaining SAN servers.

      Note: The certificate only works only if you have the PFX certificate with the private key.

  2. (spyder-env) C:\Users\leifs\miniconda3>sysdm.cpl

    (spyder-env) C:\Users\leifs\miniconda3>set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin\openssl.cfg

    (spyder-env) C:\Users\leifs\miniconda3>set Path= C:\Program Files\OpenSSL-Win64\bin

    (spyder-env) C:\Users\leifs\miniconda3>openssl version
    'openssl' is not recognized as an internal or external command,
    operable program or batch file.

    (spyder-env) C:\Users\leifs\miniconda3>path
    PATH= C:\Program Files\OpenSSL-Win64\bin

    1. Hello Leir,

      I hope you have installed the OpenSSL and then tried to configure the Environment variables. If yes, could you try to configure the EnvVar on system properties?

  3. When you say "Download the OpenSSL installer from the official OpenSSL download link: https://slproweb.com/products/Win32OpenSSL.html&quot;, what's official about this link?

    The OpenSSL project site references this link with the disclaimer "Use these OpenSSL derived products at your own risk; these products have not been evaluated or tested by the OpenSSL project". That doesn't sound very official.

    Just wondering why I would trust this particular distribution? Genuinely interested in identifying a Windows bundle I can trust in my enterprise environment but struggling find something that's above my risk threshold.

    1. Hello Michael,

      We can understand your concern. We got this reference from the OpenSSL Wiki. Since OpenSSL project does not distribute any code in binary form, we are not left with any option other than relying on third parties.

      Our Believe is, OpenSSL trusts these third parties and doesn’t want to own the responsibilities. On the other hand, This could be the reason OpenSSL provides references on its official wiki page.

      On top of that, I have seen OpenSSL veterans using this link for downloading the binaries.

      Ref:
      https://www.openssl.org/community/binaries.html
      https://wiki.openssl.org/index.php/Binaries

    1. On the Windows OpenSSL installation, you may have openssl.cnf or openssl.conf files. Try locating any of these files and create an environmental variable pointing to the file. Or use -config flag in your openssl command to point the config file. We hope this solution may work for you.

      Please let us know if this solution solves your problem. This helps others who would fall into the same problem.

      Let us know if you need more help on this.

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.