Easy openssl for Windows via LibreSSL Chocolatey Package

Easy openssl for Windows via LibreSSL Chocolatey Package

The openssl command is frequently used to automate many certificate functions on Linux. I was recently working with a colleague who was very frustrated with the number of hoops they had to jump through to do similar things on Windows. “Why can’t there just be an openssl command for Windows?” was the general sense of their frustrations. Well, there is, but they can be painstaking to get onto a Windows machine for a just a few automation commands. Enter the LibreSSL Chocolatey package…

One Binary - No Cygwin

LibreSSL is that it is a self-contained Windows port, requiring only a single binary. Many Windows ports of openssl require the CYGWIN subsystem. In my mind having to install an entire subsystem to get a single automation command redoubles my frustrations. LibreSSL is a native Windows binary and is ready to go by itself.

Favorable Distribution Rights & Export Restrictions

LibreSSL is part of OpenBSD. The OpenBSD project is located in Canada - whose cryptography laws do not geographically restrict the distribution of OpenSSL. Additionally, the redistribution rights allow for packaging into package managers like Chocolatey.

Chocolatey Helpfulness

Chocolatey has a lot of awesome benefits to DevOps style software deployment automation. One of the coolest things it adds for automation dependencies is automatic, immediate availability of simple installs like dropping a single EXE. So when you use the chocolatey package, as soon as it is done processing the “openssl” command is available for use in the same shell session. A great way to work with automation dependencies.


With Chocolatey Is Already Installed

choco install -confirm libressl

In-line Install of Chocolatey And LibreSSL

If (!(Test-Path env:chocolateyinstall)) {iwr https://chocolatey.org/install.ps1 -UseBasicParsing | iex} ; cinst -confirm libressl


This product includes cryptographic software written by Eric Young (eay@cryptsoft.com) This product includes software written by Tim Hudson (tjh@cryptsoft.com)