OpenSSL 4.0 Upgrade: What You Need to Know
- Apr 20
- 4 min read
OpenSSL 4.0 final is released. This is not an LTS release. Support ends 14 May 2027. OpenSSL 4.1 follows in October 2026.
If you link against libcrypto or libssl, or ship anything that bundles OpenSSL, read the breaking changes before you touch your build pipeline.
What Does OpenSSL 4.0 Upgrade Mean for You?
OpenSSL 4.0 is a significant clean-up release. Years of deprecated code, legacy protocol support, and workarounds for ancient clients are gone. If you maintain infrastructure, ship software, or manage anything that links against OpenSSL, this release demands attention before you upgrade.
The short version: old TLS protocols are removed, the engine API is dead, and several internal structures are now opaque. Code that compiled cleanly against OpenSSL 3.x may not compile against 4.0 without changes. Scripts that parse openssl command output may produce different results due to formatting changes.
The new features are forward-looking. Post-quantum algorithm support, Encrypted Client Hello, and stricter FIPS enforcement reflect where the industry is heading. If compliance, modern TLS, or post-quantum readiness matters to your environment, there is value here.
One important note on lifecycle: this is not an LTS release. Support ends May 2027. Plan your upgrade path accordingly, particularly if you are evaluating whether to move production systems onto 4.0 or wait for a future LTS release.
Breaking Changes
These are incompatible changes. They will break existing code or tooling if you do not account for them.
SSLv2 Client Hello support is removed. OpenSSL previously allowed clients to send an SSLv2-format ClientHello to initiate a TLS handshake. That compatibility shim is gone.
SSLv3 is removed. SSLv3 was deprecated in 2015 and disabled by default since OpenSSL 1.1.0 in 2016. The code is now removed entirely. If anything in your stack still negotiates SSLv3, it will fail.
Engine support is removed. The no-engine build option and OPENSSL_NO_ENGINE macro are now always present. Custom engine integrations will not work. Migrate to providers.
Custom EVP methods are gone. Deprecated support for custom EVP_CIPHER, EVP_MD, EVP_PKEY, and EVP_PKEY_ASN1 methods has been removed.
ASN1_STRING is now opaque. You cannot access its internals directly. Any code that does will fail to compile.
API function signatures have changed. Numerous functions, particularly those handling X509 processing, now include const qualifiers on arguments and return types. Review your call sites.
X509_cmp_time(), X509_cmp_current_time(), and X509_cmp_timeframe() are deprecated. Use X509_check_certificate_times() instead.
libcrypto no longer cleans up global data via atexit(). OPENSSL_cleanup() now runs in a global destructor, or not at all by default. If your code relies on atexit() ordering for cleanup, audit it.
Deprecated error state functions are removed. ERR_get_state(), ERR_remove_state(), and ERR_remove_thread_state() are gone. ERR_STATE is now always opaque.
Fixed SSL/TLS version method functions are removed. Use version-flexible methods.
BIO_snprintf() now calls libc snprintf(). The internal implementation is gone.
BIO_f_reliable() is removed without replacement. It has been broken since 3.0.
c_rehash is removed. Use openssl rehash directly.
The msie-hack option in openssl ca is gone.
Deprecated elliptic curves per RFC 8422 are disabled at compile time by default. Use enable-tls-deprecated-ec to re-enable. Explicit EC curve support is also disabled by default; use enable-ec_explicit_curves to re-enable.
Darwin i386 and PowerPC build targets are dropped. darwin-i386, darwin-i386-cc, darwin-ppc, darwin-ppc64, and their -cc variants are no longer in Configurations.
Behaviour Changes Worth Noting
Hex output format has changed. The leading 00: prefix when printing key data where the most significant byte is >= 0x80 is removed. Tools that parse hex output from openssl commands will need updating.
Hex dump widths are standardised. Signatures dump at 24 bytes per line; everything else dumps at 16 bytes per line. Scripted output parsing may break.
PKCS5_PBKDF2_HMAC lower bounds are now enforced with the FIPS provider. Calls with iteration counts or key lengths below the FIPS minimum will fail.
AKID verification is enforced when X509_V_FLAG_X509_STRICT is set. Certificate chains that previously passed strict verification may now fail.
CRL verification now includes additional checks. Existing CRL validation logic should be tested against these stricter requirements.
New Features
Encrypted Client Hello (ECH, RFC 9849). ECH support is now included. See doc/designs/ech-api.md in the release for the API details.
Post-quantum and SM2 support. RFC 8998 is supported, covering the sm2sig_sm3 signature algorithm, curveSM2 key exchange group, and the hybrid post-quantum group curveSM2MLKEM768.
cSHAKE per SP 800-185. The cSHAKE extendable output function is now available.
ML-DSA-MU digest algorithm. Lattice-based digital signature support is added.
SNMP KDF and SRTP KDF. Both key derivation functions are now supported.
FIPS deferred self tests. The openssl fipsinstall command now accepts -defer_tests, allowing FIPS self tests to be deferred and run on demand rather than at install time.
Windows VC runtime linkage. You can now choose static or dynamic VC runtime linkage on Windows builds.
Negotiated FFDHE in TLS 1.2 per RFC 7919. Finite field Diffie-Hellman ephemeral key exchange can now be negotiated in TLS 1.2.
Support Lifecycle
OpenSSL 4.0 is not an LTS release. It is supported until 14 May 2027. If you need longer support, remain on OpenSSL 3.x LTS until an LTS designation is made for a future release.
Downloads are available from the OpenSSL download page and the GitHub releases page. Review CHANGES.md for the complete diff since OpenSSL 3.6.
Download and Installation
Get the latest FireDaemon OpenSSL builds from our website:
About FireDaemon: FireDaemon provides enterprise-grade Windows service management solutions, maintains optimised OpenSSL builds for Windows platforms, and offers OpenSSL integration and software development services to ensure businesses have access to the latest security updates and performance improvements.
