I’d like to give you a heads-up about some changes we’re making at OpenSSL. We’re simplifying how
you can get our software, and that means we’re phasing out some older methods that don’t quite fit
with the way the web works today.
We’re no longer using our old ftp, rsync, and git links for distributing OpenSSL. These were
great in their day, but it’s time to move on to something better and safer. ftp://ftp.openssl.org
and rsync://rsync.openssl.org are not available anymore. As of June 1, 2024, we’re also going to
shut down https://ftp.openssl.org and git://git.openssl.org/openssl.git mirrors.
GitHub is becoming the main distributor of the OpenSSL releases. So here is the transition plan.
The steps will be spaced in 2-week intervals to gather and respond to any eventual feedback:
- Starting from the next patch release the tarballs will be uploaded only to GitHub, the download
link atopenssl.org/sourcewill redirect to the corresponding release atgithub.com. - One frequently downloaded old release at
openssl.org/sourcewill redirect to the corresponding
release atgithub.com. - All remaining frequently downloaded releases at
openssl.org/sourcewill redirect to the
corresponding releases atgithub.com.
Why change things? Well, here are a couple of straightforward reasons:
- Safety first: The web’s come a long way in terms of security, and sticking to HTTPS helps keep
everyone safer. - Keeping it simple: Fewer methods of distribution mean less clutter and confusion, letting us
focus on making OpenSSL even better. - Watching the budget: Streamlining things cuts costs, which means we can spend more on
improving OpenSSL and supporting you all.
That being said, the main source of OpenSSL releases will be
OpenSSL GitHub. OpenSSL Source
will remain only for backward compatibility and will redirect to GitHub.
Thanks so much for sticking with us. These updates will help us keep improving and ensure you have
the best and safest experience using OpenSSL.
Cheers!