We help IT Professionals succeed at work.

where to download Openssl client / utility for Windows

sunhux asked
btan in EE provided following command:
  openssl s_client -connect mailhost:25 -starttls smtp -ssl3

while https://devcentral.f5.com/articles/cve-2014-3566-removing-sslv3-from-big-ip
  openssl s_client -connect target:443 -ssl3

I'm assuming the above openssl is run from Linux.  

Where can I download the equivalent openssl  for Windows 7  or Win XP ?
Watch Question


Will need ready-to-run openssl binary.

The copy I got from https://www.openssl.org/related/binaries.html
appears to be an openssl server/service, not a client command or utility
btanExec Consultant
Distinguished Expert 2018
yes, strictly speaking, s_client is for non-windows, likewise for F5 reference. you should be seeing (if working), something close to if using "openssl s_client -connect example.com:443 -ssl3"
...:error:...:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1258:SSL alert number 40
...:error:....:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
Coming back, some possibilities below.

Use Cygwin to still run openssl commands including this in Windows.
- See this short brief for installing Cygwin with OpenSSL on Windows, may want to try out

Or another "indirect" mean as shared in below with webserver built, but actually just using  VC++ IDE CLI

in case you are interested in s_client options, you can check this out  - https://www.openssl.org/docs/apps/s_client.html

Actually, nmap has nse to enum cipher as well, if interested. During test to expect if working
80/tcp  open  http
443/tcp open  https
| ssl-enum-ciphers:
|   **SSLv3: No supported ciphers found**
|   TLSv1.0:
Peter HutchisonSenior Network Systems Specialist
Windows does not use OpenSSL, it has its own Cryptographic Services for providing secure communications. You can use tools such as CertReq.exe, CertUtil.exe,
You can download OpenSSL to create certificate requests, create certificate files, and do conversions between different types of ssl certs eg PEM, PFX etc.

Download for windows:
btanExec Consultant
Distinguished Expert 2018
Cygwin has OpenSSL package for running in windows
- http://www.slideshare.net/ganaaturuu/cygwinandopen-sslinstallguide
you can build with OpenSSL source (need Perl and VS)
- https://wiki.openssl.org/index.php/Compilation_and_Installation#Windows
Dave HoweSoftware and Hardware Engineer
official page at http://www.openssl.org/about/binaries.html lists some sources for precompiled copies - cygwin is great too, but is overkill if you just want the tool.

In practice,  I have a copy of apache on my machine for dev reasons,  so use the binaries from there :)


I've found a copy of Openssl that comes bundled with Trendmicr Securecloud & was able to execute
the openssl command indicated above on the Securecloud server running Win2008 R2 x64.

Quite a big folder of about 300MB in there: before I copy the entire 300MB folder down to
my laptop's Win7 (also x64), what are the chances it will work?  We have a limited bandwidth
when copying such huge files down so it's going to take a while
Exec Consultant
Distinguished Expert 2018
Not sure why have you gone into the bundled download if you are only interested in the openssl though. if you look at the windows binaries none have that huge size.

Furthermore, TM version is not sure if it is for Windows too as its docs did not explicitly state which platform the openssl is running, it looks like separate Linux machine to convert. There is also no details on TM download stated openssl x64