OpenSSL for Ruby provides access to SSL/TLS and general-purpose cryptography based on the OpenSSL library.
OpenSSL for Ruby is sometimes referred to as openssl in all lowercase or Ruby/OpenSSL for disambiguation.
OpenSSL for Ruby is released as a RubyGems gem. At the same time, it is part of the standard library of Ruby. This is called a default gem.
Each stable branch of OpenSSL for Ruby will remain supported as long as it is included as a default gem in supported Ruby branches.
Version | Maintenance status | Ruby compatibility | OpenSSL compatibility |
---|---|---|---|
3.2.x | normal maintenance (Ruby 3.3) | Ruby 2.7+ | OpenSSL 1.0.2-3.1 (current) or LibreSSL 3.1+ |
3.1.x | normal maintenance (Ruby 3.2) | Ruby 2.6+ | OpenSSL 1.0.2-3.1 (current) or LibreSSL 3.1+ |
3.0.x | normal maintenance (Ruby 3.1) | Ruby 2.6+ | OpenSSL 1.0.2-3.1 (current) or LibreSSL 3.1+ |
2.2.x | security maintenance (Ruby 3.0) | Ruby 2.3+ | OpenSSL 1.0.1-1.1.1 or LibreSSL 2.9+ |
2.1.x | end-of-life (Ruby 2.5-2.7) | Ruby 2.3+ | OpenSSL 1.0.1-1.1.1 or LibreSSL 2.5+ |
2.0.x | end-of-life (Ruby 2.4) | Ruby 2.3+ | OpenSSL 0.9.8-1.1.1 or LibreSSL 2.3+ |
Note: The openssl gem is included with Ruby by default, but you may wish to upgrade it to a newer version available at rubygems.org.
To upgrade it, you can use RubyGems:
gem install openssl
In some cases, it may be necessary to specify the path to the installation directory of the OpenSSL library.
gem install openssl -- --with-openssl-dir=/opt/openssl
Alternatively, you can install the gem with Bundler:
# Gemfile
gem 'openssl'
# or specify git master
gem 'openssl', git: 'https://github.com/ruby/openssl'
After running bundle install, you should have the gem installed in your bundle.
Once installed, you can require "openssl" in your application.
require "openssl"
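To decide whether the bundled default gem needs the upgrade described above, the loaded gem can be checked against the maintenance table on this page. The script below is an added example, not code from the openssl project; the `SUPPORT` hash, the `audit_openssl_gem` helper and its `:ok` / `:review` / `:upgrade` policy are assumptions made for illustration.

```ruby
require "openssl"

# Maintenance table from this page, keyed by gem branch (major.minor).
# min_ruby is the lowest Ruby version the page lists for that branch.
SUPPORT = {
  "3.2" => { status: "normal maintenance",   min_ruby: "2.7" },
  "3.1" => { status: "normal maintenance",   min_ruby: "2.6" },
  "3.0" => { status: "normal maintenance",   min_ruby: "2.6" },
  "2.2" => { status: "security maintenance", min_ruby: "2.3" },
  "2.1" => { status: "end-of-life",          min_ruby: "2.3" },
  "2.0" => { status: "end-of-life",          min_ruby: "2.3" },
}.freeze

# Hypothetical helper: classify a gem version / Ruby version pair.
# Branches missing from the table are flagged for manual review, never assumed safe.
def audit_openssl_gem(gem_version, ruby_version)
  branch = Gem::Version.new(gem_version).segments.first(2).join(".")
  row = SUPPORT[branch]
  return { branch: branch, status: "not listed", action: :review } unless row

  ruby_ok = Gem::Version.new(ruby_version) >= Gem::Version.new(row[:min_ruby])
  action =
    if row[:status] == "end-of-life" then :upgrade
    elsif !ruby_ok then :review
    else :ok
    end
  { branch: branch, status: row[:status], ruby_ok: ruby_ok, action: action }
end

if __FILE__ == $PROGRAM_NAME
  # OpenSSL::VERSION is the gem version; OPENSSL_LIBRARY_VERSION is the
  # OpenSSL or LibreSSL library actually loaded at runtime.
  report = audit_openssl_gem(OpenSSL::VERSION, RUBY_VERSION)
  puts "openssl gem #{OpenSSL::VERSION} (#{report[:status]})"
  puts "linked against: #{OpenSSL::OPENSSL_LIBRARY_VERSION}"
  puts "action: #{report[:action]}"
end
```
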
See https://ruby.github.io/openssl/.
Please read our CONTRIBUTING.md for instructions.
Security issues should be reported to ruby-core by following the process described on "Security at ruby-lang.org".
We found that openssl demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.