Why is Apple Deprecating OpenSSL in MacOS 10.7 (Lion)?

openssl osx-lion
vy32 picture vy32 · Sep 13, 2011 · Viewed 17.3k times · Source

Apple has marked most (but not all) of the OpenSSL API as "deprecated" in MacOS 10.7. Has Apple made any statements explaining why they are moving from OpenSSL to Common Crypto?

Answer

Nick Dowell picture Nick Dowell · Jun 5, 2013

Because OpenSSL doesn’t offer API compatibility between versions

This means that Apple can't provide security updates without breaking existing apps.

http://rentzsch.tumblr.com/post/33696323211/wherein-i-write-apples-technote-about-openssl-on-os-x

Related questions

Working with openssl to extract information from a pkcs12 certificate

I would like some help with the openssl command. I need to automate the retrieval of the subject= line in a pkcs12 certificate for a script I'm working on. I've used openssl to view the contents of the Identity/Certificate: …

Read More
How to create a self-signed certificate with OpenSSL

I'm adding HTTPS support to an embedded Linux device. I have tried to generate a self-signed certificate with these steps: openssl req -new > cert.csr openssl rsa -in privkey.pem -out key.pem openssl x509 -in cert.csr -out …

Read More
How to get .pem file from .key and .crt files?

How can I create a PEM file from an SSL certificate? These are the files that I have available: .crt server.csr server.key

Read More