After five months of development, the release of the library Openssl 3.3.0 has been announced with the implementation of the SSL/TLS protocols and various encryption algorithms. Support for OpenSSL 3.3 will be maintained until April 2026. Meanwhile, support for previous branches Opensl 3.2, 3.1, and 3.0 LTS will last until November 2025, March 2025, and September 2026, respectively. The project code is distributed under the Apache 2.0 license.
Key highlights of Opensl 3.3.0 include:
- The integration of the Quic Protocol (RFC 9000), which serves as a framework over the UDP protocol for HTTP/3. New features include support for tracing QUIC connections through diagnostic logs in qlog, and support for polling in the non-closing mode of QUIC and stream objects.
- Implementation of the Certificate Management Protocol (CMP), as specified in RFC 9480 and RFC 9483.
- Enhancements such as the ability to disconnect during the assembly stage using the atexit function, and the addition of functions to address the 2038 problem for SSL_SESSION.
- Implementation of the Chinese theorem about residues (CRT) in the EVP_PKEY_FROMDATA functions.
- Additional features like the ability to ignore unknown signature algorithm names set in the TLS configuration parameters, and configuring the priority use of PSK-keyboard on the TLS 1.3 server during session restoration.
/Reports, release notes, official announcements.