OpenSSL requirements (Unix and OpenVMS)

On Windows, as of Synergy/DE 12, the features listed below do not require OpenSSL. Instead, Synergy interfaces with Microsoft Secure Channel (Schannel) for xfServer, xfServerPlus, the HTTP document transport API, and SQL OpenNet encryption. For data encryption, Microsoft CNG (Cryptography API: Next Generation) routines are used. Using the MySQL 8 database with SQL Connection requires OpenSSL 1.1.1 (or higher) regardless of whether you are using data packet encryption; see MySQL notes and examples.

On Unix and OpenVMS, the following Synergy/DE features require OpenSSL. Before installing OpenSSL, consult the documentation pertaining to the feature you plan to use for additional details and information on any environment variables or paths you need to set.

• Synergy HTTP Document Transport API to send and receive documents via HTTPS
• Data encryption for encrypting data at the application level
• Client/server encryption with xfServer or xfServerPlus. For xfServer, see Using client/server encryption. For xfServerPlus, see Using xfServerPlus encryption.
• Data packet encryption with SQL OpenNet

Unix

For Synergy/DE 12.3, in general you should use the version of OpenSSL that comes from the vendor and is specific to your Unix platform and version. We added support for OpenSSL 3 in 12.2.1.1008, but binaries may not be available on all platforms. See the bullets below for details. If you use MySQL 8 with SQL Connection, OpenSSL 1.1.1 (or higher) is required.

The OpenSSL shared libraries required by Synergy/DE are named libssl.so.# and libcrypto.so.#, where # is the version number. (This could be a single digit or multiple digits using dot notation; for example, 3, 1.1, 1.0.2.) You can run the dltest utility to verify OpenSSL is installed in the correct location.

Synergy products that use OpenSLL check for the following libraries in the order given:

libssl.so.3 and libcrypto.so.3

libssl.so.1.1 and libcrypto.so.1.1

libssl.so.1.0.2 and libcrypto.so.1.0.2

libssl.so.1.0.0 and libcrypto.so.1.0.0

libssl.so and libcrypto.so

OS-specific details:

• For IBM AIX, use the version installed with the operating system. It must be at least 1.0.2r. You can verify your version using the command “openssl version”. If you don’t have the correct version, you can download it from IBM; you'll need to log in with a valid username and password. See https://www.ibm.com/support/pages/downloading-and-installing-or-upgrading-openssl-and-openssh for information.
• For Linux, use the version installed with the operating system. It should be at least 1.0.*x. (If you use 1.1.1, we recommend using 1.1.1a [or the latest 1.1.1x build] because the original 1.1.1 build can cause clients to hang.)

OpenVMS

Synergy/DE 12.3 supports VSI OpenSSL. SSL supports HP OpenVMS 8.4 or higher or VSI Alpha OpenVMS 8.4-2L1 or higher. SSL111 and OpenSSL 3 are available only on VSI OpenVMS. See the VMS Software website for more information.

HPE SSL1 version 1.0-2C will still work, but is not recommended because it is no longer considered secure. We recommend that you use the most recent VSI OpenSSL build available for your operating system.

For Connectivity Series, the runtime support file is VTXSSL.EXE.