Static linking libssl.a and libcrypto.a on Linux x64 fails

Floodeenjr, Thomas thomas_floodeenjr at
Mon Nov 18 13:44:13 UTC 2019

If you want to link statically, when dynamic libraries are also available, you need to tell the linker that you want to use static libraries, otherwise it will always assume dynamic

LINK_LIBS = -Wl,-Bstatic -lstaticlibs -lcrypto -lssl -lz -Wl,-Bdynamic -ldynamiclibs

-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at] On Behalf Of Michael Wojcik
Sent: Monday, November 18, 2019 5:29 AM
To: openssl-users at
Subject: RE: Static linking libssl.a and libcrypto.a on Linux x64 fails

> From: Aijaz Baig [mailto:aijazbaig1 at]
> Sent: Wednesday, November 13, 2019 19:58

> However my current concern here is meeting libSSL and libCrypto's 
> dependencies on host libraries on Linux platform. For instance, when I 
> talked about 'linking' errors with respect to symbols like 'dlopen', so as I mentioned, I had to specify '-ldl'
> and '-lz' to the gcc linker that suggests a dynamic dependency on 
> these platform libraries.

The -l flag can specify static as well as dynamic libraries, so its use doesn't in itself imply dynamic linking.

However, if you need libdl, then something in the application or one or more of the libraries contains references to runtime dynamic linking functions, which suggests the application may be doing explicit dynamic linking. And if memory serves, libdl is only available as a shared object, not as a static library.

> I was trying to understand the components that would be needed to 
> package the whole shebang into an archive which I can later 'just run' 
> on a similar Linux system that has been completely stripped down for 
> purposes of size and speed

Ultimately, you can only statically link objects that you have available for static linking. If you only have the C runtime (glibc) or libz or whatever as a dynamic library, then dynamic linking is your only option for them.

Also, static linking generally increases the size requirements, since you duplicate object code into applications rather than having it in a single shared object.

Michael Wojcik
Distinguished Engineer, Micro Focus

More information about the openssl-users mailing list