OpenSSL requirements
The following Synergy/DE features require OpenSSL. Before installing OpenSSL, consult the documentation pertaining to the feature you plan to use for additional details and information on any environment variables or paths you need to set.
- Synergy HTTP Document Transport API to send and receive documents via HTTPS
- Data encryption for encrypting data at the application level
- Client/server encryption with xfServer or xfServerPlus. For xfServer, see Using client/server encryption. For xfServerPlus, see Using xfServerPlus encryption.
- Data packet encryption with SQL OpenNet
- Using the MySQL 8 database with SQL Connection, which requires OpenSSL 1.1.1 (even if you are not using data packet encryption).
Windows
Synergy/DE 11.1 supports OpenSSL versions 1.0.2.x and 1.1.1x. We recommend version 1.1.1 because OpenSSL 1.0.2 reached end of life in December 2019, which means 1.1.1 is required to get security patches. If your application has security compliance requirements and you use SSL, Synergy/DE 11.1 is considered a mandatory security update; OpenSSL 1.1.1 is not supported on earlier versions of Synergy. OpenSSL 1.1.1 is required if you are using MySQL 8 with SQL Connection.
We recommend version 1.1.1a (or the latest 1.1.1x build) because the original 1.1.1 build can cause problems, such as causing clients to hang. |
Go to https://slproweb.com/products/Win32OpenSSL.html and download the “light” version that matches the bitness of your system, and then unpack the download.
- For 1.1.1x , the download will include two libraries: libcrypto-1_1.dll and libssl-1_1.dll for 32-bit or libcrypto-1_1-x64.dll and libssl-1_1-x64.dll for 64-bit. There will also be a number of other files.
- For 1.0.2.x, the download will include two libraries, libeay32.dll and ssleay32.dll, along with a number of other files. (These library files are named with “32” for both the 32-bit and 64-bit versions of OpenSSL.)
For both 32-bit and 64-bit traditional Synergy, you must copy the libraries to the corresponding 32-bit or 64-bit SynergyDE\dbl\bin directory.
For data packet encryption with SQL OpenNet, you must in addition copy the libraries to the corresponding 32-bit or 64-bit SynergyDE\connect directory.
For MySQL 8 with SQL OpenNet, copy the libraries to the SynergyDE\dbl\bin directory for direct (local) connections or to the SynergyDE\connect directory for vtxnetd or vtxnet2 connections.
You can run the dltest utility to verify the libraries are installed in the correct location and see which version of OpenSSL Synergy will use.
For Synergy .NET, if DBLDIR is set, Synergy will look in the \bin directory under the DBLDIR directory for the OpenSSL DLLs. If DBLDIR is not set or the libraries are not found there, the default DLL look-up path for Windows is used (PATH, then current directory). We do not recommend putting OpenSSL DLLs in the path, as there may be more than one instance of the OpenSSL DLL in the path and you can't have both 32- and 64-bit. Instead, if DBLDIR is not set, we recommend putting the OpenSSL DLLs in the same directory as your assembly and adding a manifest to ensure loading of the correct DLL.
For ClickOnce deployment, OpenSSL must already be installed on the target machine; you cannot install the OpenSSL libraries via ClickOnce. |
UNIX
For Synergy/DE 11.1, in general you should use the version of OpenSSL that comes from the vendor and is specific to your UNIX platform and version. See the bullets below for details. If you use MySQL 8 with SQL Connection, OpenSSL 1.1.1 is required. The OpenSSL shared libraries required by Synergy/DE are libcrypto.so.#.#.# and libssl.so.#.#.#, where #.#.# is the version number, e.g., 1.0.1. You can run the dltest utility to verify OpenSSL is installed in the correct location.
- For HP-UX, use version 1.0.*x.
- For IBM AIX, use the version installed with the operating system. It must be at least 1.0.2r. You can verify your version using the command “openssl version”. If you don’t have the correct version, you can download it from IBM at https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=aixbp. You'll need to log in with a valid username and password.
- For Linux, use the version installed with the operating system. It should be at least 1.0.*x. (Version 1.1.1 is also supported. We recommend using 1.1.1a [or the latest 1.1.1x build] because the original 1.1.1 build can cause clients to hang.)
- For Solaris, install version 1.1.1 from Oracle.
OpenVMS
Synergy/DE 11.1 supports HPE SSL1 version 1.0-2C and higher as well as SSL111 version 1.1.1b. We recommend that you use the most recent OpenSSL build available for your operating system.
HPE SSL1 requires HP OpenVMS 8.4 or higher or VSI Alpha OpenVMS 8.4-2L1 or higher. SSL111 is available only on VSI OpenVMS.
Connectivity Series supports HPE SSL1 version 1.0-2C and higher. The runtime support file is VTXSSL.EXE.
For OpenVMS, you must use the operating system-supplied libraries, which are available from VMS Software Inc. Contact VSI for more information, https://vmssoftware.com.