OpenSSL 1.0.2* end of life

Latest response

Hello,

OpenSSL 1.0.2 is going end-of-life at the end of 2019. 1.0.2k is the latest release available in the RHEL repositories. When can we expect an update to 1.1.1 ?

https://www.openssl.org/blog/blog/2018/05/18/new-lts/

Responses

Hi Ben,

Just for your information ... OpenSSL 1.1.1 is already available for RHEL 8 :

https://access.redhat.com/downloads/content/openssl/1.1.1-8.el8/x86_64/fd431d51/package

I think it won't take too much time until it's available for RHEL 7 as well. :)

Regards,
Christian

Thanks Christian

You're welcome, Ben ! :)

Hi - please can you reconfirm the support status of OpenSSL v1.0.2 (in this case on RHEL 7.6 EUS)?

With OpenSSL v1.0.2 going EOL end of 2019, how does this https://www.openssl.org/policies/releasestrat.html affect support if at all please? Is there an EOL support date from RedHat on OpenSSL v1.0.2?

Thank you.

I'll provide our Python after 2020 page which provides a similar answer to a similar question, and I'll paste the important points below:

  • [An upstream project's] decision about which version of their project to support and develop is a separate choice to Red Hat's business decision about the level of technical support and software development offered on packages within Red Hat products such as RHEL and its derivatives.

  • Just because the [upstream] consider the software "unsupported" does not mean that [software] is "unsupported" within RHEL.

  • This difference between an "upstream project decision" and a "Red Hat product decision" is an important value provided by the RHEL subscription.

To answer your question directly, OpenSSL within RHEL7 remains supported for the entire lifecycle of RHEL7 as per the RHEL Product Lifecycle.

The version does not matter. We ship it, we support it.

Thank you very much for the prompt and clear response Jamie. Insightful and useful.

Much appreciated.

Now that openssl-1.0.2 no longer works with the recently expired Trust Chain Path A (AddTrust External CA Root) certificate, what's the plan?