Openssl 3.0 / Openssl 1.1 at the same time in the same process
matt at openssl.org
Fri Jun 30 13:35:55 UTC 2023
On 30/06/2023 13:59, Frank Gross wrote:
> Hi, my company will soon update our product to work with openssl 3.0,
> delivered within the product. It is basically one process that loads
> dynamically that openssl 3.0 lib to manage https communication. But the
> process can also load dynamically (via configuration) database client
> drivers installed on a computer. (Mainly to perform secure connection
> with the database engine). But those database drivers are linked with
> the openssl version of the system. That is mainly openssl version 1.1.
> We did some tests and both openssl libraries (v3.0 and v1.1) can be
> loaded at the same time in the same process, and seems to work without
> any issue.
> What is your opinion about loading 2 different versions of the openssl
> in one single process ? Is this something you recommend ? support ?
I've seen "bad things" happen with two different versions of OpenSSL
loaded at the same time. Usually I've seen it where statically linked
OpenSSL is used as well as a dynamically linked OpenSSL (as opposed to
two different dynamically linked versions of OpenSSL being loaded)
This is a very much "untested" configuration. I wouldn't recommend it.
> What is the strategy about migrating from openssl 1.1 to openssl 3.0 ?
> Frank Gross
More information about the openssl-users