Why is Apple Deprecating OpenSSL in MacOS 10.7 (Lion)? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.

---

Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.

Closed 4 years ago.

Improve this question

Apple has marked most (but not all) of the OpenSSL API as "deprecated" in MacOS 10.7. Has Apple made any statem开发者_开发百科ents explaining why they are moving from OpenSSL to Common Crypto?

---

Because OpenSSL doesn’t offer API compatibility between versions

This means that Apple can't provide security updates without breaking existing apps.

http://rentzsch.tumblr.com/post/33696323211/wherein-i-write-apples-technote-about-openssl-on-os-x

---

Apple is migrating from OpenSSL to Common Crypto (which Apple develops).

Some docs: http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man3/CC_crypto.3cc.html

Info on WHY Apple is doing this: http://adcdownload.apple.com/wwdc_2011/adc_on_itunes__wwdc11_sessions__pdf/212_nextgeneration_cryptographic_services.pdf

If the above link fails (it probably will), here are navigation instructions:

• Logon to http://developer.apple.com
• Scroll to bottom, click on 'Development Videos'
• On the next page, click 'Learn more' under WWDC 2011
• Scroll down about half-way (or search) until you see 'Next Generation Cryptographic Services', and click it
• You have now reached the buried treasure, download the 'Presentation Slides'

---

The dylib openssl is deprecated because of binary compatibility issues across versions (eg: causes problems like Why does the OpenSSL test suite fail on MacOS X? ).

See joet3ch's answer for what Apple suggests to do about it.

However, you're free/encouraged to get openssl from openssl.org and link statically.