When we build and ship FireDaemon Fusion, we try to ensure it contains the most recent version of OpenSSL. We thought it would be useful to make our own OpenSSL Binary Distribution available for download for others to use in their own software projects.
OpenSSL keeps an informal list of available, 3rd-party maintained binaries. Here's our summary:
|OpenSSL for Windows||Pre-compiled Win32/x64 1.1.0 libraries with dependency on the Visual Studio 17 runtime (binary-compatible with 15). Primarily built for FireDaemon Fusion, but may be used for any Windows application. The OpenSSL DLL and EXE files are digitally code signed 'FireDaemon Technologies Limited'.||https://mirror.firedaemon.com|
Whenever FireDaemon releases a new FireDaemon Fusion build, or OpenSSL gets pushed out with very important (security) fixes, we ship FireDaemon Fusion with the latest OpenSSL state of the OpenSSL_1_1_0-stable branch at the time of (Fusion) release. The currently deployed OpenSSL library is version OpenSSL_1_1_0h-10-gcde87deafa as reported by:
git describe --always --tag --long --first-parent --dirty
The actual command line to build OpenSSL is as follows (where %toolset% is VC-WIN32 and VC-WIN64A respectively):
perl ..\Configure %toolset% no-asm no-ssl3 no-ui zlib zlib-dynamic --api=1.1.0 --prefix="%openssl-dst%" --openssldir=ssl --with-zlib-include="%zlib-include%" -DOPENSSL_NO_DEPRECATED
For reference, the whole build script creating the packages is attached to this article.
OpenSSL as shipped by FireDaemon Fusion depends on the Microsoft Visual Studio 17 runtime.
The external dependency creates much smaller modules and .pdb files, and suits well for how we ship FireDaemon Fusion. We believe that this shouldn't be too problematic these days, especially since the msvc14.1 runtime is binary compatible with applications built using the msvc14.0 runtime, and - once installed - the Universal C Runtime (CRT) is subject to automatic Windows updates.