Hello Jane,

Your case is not related to Windows for Business or Windows 365 Enterprise. What you are dealing with is an application dependency issue around OpenSSL versions on Windows. Winget installs the latest OpenSSL binaries into a system path, but applications do not automatically switch to using them. Each program either links statically to its own bundled OpenSSL libraries or dynamically loads them from a specific path. That means even if you have the newest OpenSSL installed globally, older applications may still be calling their embedded or outdated DLLs.

To verify which version is actually being used, you need to inspect the binaries that the application loads. On Windows, the most reliable way is to use Process Explorer from Sysinternals. Launch the application, open Process Explorer, and check the loaded modules under the process. If you see libssl-1_1.dll or libcrypto-1_1.dll, note the file path. That path tells you whether the program is using the system-installed OpenSSL or its own copy. You can also run openssl version from the command line to confirm the version of the OpenSSL binary you installed via Winget, but that only confirms the global installation, not what each application is consuming.

There is no single command line that forces all applications to use the new OpenSSL. Each application must either be updated by its vendor to link against the newer libraries, or you must replace the older DLLs in the application’s directory with the updated ones though this is risky and not recommended unless the vendor explicitly supports it. The best practice is to update the applications themselves to versions that are compiled against the latest OpenSSL.

I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!

Domic Vo.

Answer from Domic Vo on learn.microsoft.com
Top answer
1 of 2
1

Hello Jane,

Your case is not related to Windows for Business or Windows 365 Enterprise. What you are dealing with is an application dependency issue around OpenSSL versions on Windows. Winget installs the latest OpenSSL binaries into a system path, but applications do not automatically switch to using them. Each program either links statically to its own bundled OpenSSL libraries or dynamically loads them from a specific path. That means even if you have the newest OpenSSL installed globally, older applications may still be calling their embedded or outdated DLLs.

To verify which version is actually being used, you need to inspect the binaries that the application loads. On Windows, the most reliable way is to use Process Explorer from Sysinternals. Launch the application, open Process Explorer, and check the loaded modules under the process. If you see libssl-1_1.dll or libcrypto-1_1.dll, note the file path. That path tells you whether the program is using the system-installed OpenSSL or its own copy. You can also run openssl version from the command line to confirm the version of the OpenSSL binary you installed via Winget, but that only confirms the global installation, not what each application is consuming.

There is no single command line that forces all applications to use the new OpenSSL. Each application must either be updated by its vendor to link against the newer libraries, or you must replace the older DLLs in the application’s directory with the updated ones though this is risky and not recommended unless the vendor explicitly supports it. The best practice is to update the applications themselves to versions that are compiled against the latest OpenSSL.

I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!

Domic Vo.

2 of 2
0

To ensure that your applications are using the new version of OpenSSL after updating, you can follow these steps:

  1. Check OpenSSL Version: You can verify the installed version of OpenSSL by running the following command in your command line:
       openssl version
    
    This command will display the version of OpenSSL currently in use.
  2. Verify Application Dependencies: For applications that depend on OpenSSL, you may need to check their documentation or use specific commands to see which version of OpenSSL they are linked against. This can vary by application, but many applications will have a command-line option to display version information.
  3. Check for Multiple Versions: If you suspect that multiple versions of OpenSSL are installed, you can check the paths of the OpenSSL binaries in your system. Use the following command to find all instances of OpenSSL:
       where openssl
    
    This will show you the locations of the OpenSSL executables, and you can verify if the correct version is being used.
  4. Update Environment Variables: Ensure that your system's PATH environment variable points to the directory of the new OpenSSL installation. This can help ensure that applications use the correct version.
  5. Testing Applications: After updating, test your applications to ensure they function correctly. If they fail or report issues related to OpenSSL, they may still be referencing an older version.

By following these steps, you can confirm that your applications are using the updated version of OpenSSL and mitigate any vulnerabilities associated with older versions.

Discussions

How do I update OpenSSL on Windows 10 from 1.1.1h to 1.1.1o - Stack Overflow
I'm assuming there is no generally easy way to update the version without removing it and installing the version I want. ... OK. I don't have an openssl command in PowerShell on my machine so it must have been something that got installed later, instead of coming with Windows. More on stackoverflow.com
🌐 stackoverflow.com
How to update openssl?
Our system indicates the necessity to patch OpenSSL to address vulnerabilities. However, there is no standalone installation of OpenSSL; it is integrated within the applications we utilize. Is there a solution to patch OpenSSL in this scenario? Kindly… More on learn.microsoft.com
🌐 learn.microsoft.com
1
8
November 29, 2023
How to install OpenSSL from source on Windows 10/11? - Stack Overflow
I am currently using Windows 11 but I assume it's the same steps for Windows 10. I've searched everywhere, and there is not a single tutorial that shows how to succesfully install OpenSSL on Window... More on stackoverflow.com
🌐 stackoverflow.com
How do I install OpenSSL on my work laptop? (Windows)
If you you download a source code, you need to compile it. Otherwise, you can rely on pre-compiled binaries: https://wiki.openssl.org/index.php/Binaries More on reddit.com
🌐 r/techsupport
1
1
December 15, 2017
People also ask

How is AutoInstall SSL™ different from Let’s Encrypt or Certbot?
The key differences are warranty coverage (up to $500,000), a CA-issued site seal, 24/7 support, and a managed agent that requires no ongoing maintenance. The full side-by-side breakdown is in the comparison section above. SSL Dragon’s ACME SSL Certificates page covers the alternative protocol-based approach.
🌐
ssldragon.com
ssldragon.com › home › tutorials › openssl tutorials › how to check the openssl version on linux, windows, and mac?
How to Check the OpenSSL Version on Linux, Windows, and Mac? - ...
What is AutoInstall SSL™?
A server agent that automates your entire SSL certificate lifecycle. You set it up once, and it takes care of every step from there. At SSL Dragon, it is sold as a bundle with domain validated (DV) certificates from RapidSSL or GeoTrust.
🌐
ssldragon.com
ssldragon.com › home › tutorials › openssl tutorials › how to check the openssl version on linux, windows, and mac?
How to Check the OpenSSL Version on Linux, Windows, and Mac? - ...
Are wildcard certificates supported?
Yes. Both the RapidSSL Wildcard + AutoInstall and GeoTrust QuickSSL Premium Wildcard + AutoInstall bundles cover unlimited subdomains on a single level (for example, shop.example.com, mail.example.com, app.example.com). Wildcard certificates require DNS-based validation, which the agent handles automatically for supported DNS hosts.
🌐
ssldragon.com
ssldragon.com › home › tutorials › openssl tutorials › how to check the openssl version on linux, windows, and mac?
How to Check the OpenSSL Version on Linux, Windows, and Mac? - ...
🌐
SSL Dragon
ssldragon.com › home › tutorials › openssl tutorials › how to check the openssl version on linux, windows, and mac?
How to Check the OpenSSL Version on Linux, Windows, and Mac? - SSL Dragon
2 weeks ago - Keeping OpenSSL up to date is essential for security and for compatibility with the software that depends on it. This guide shows you how to check your OpenSSL version on Linux, Windows, and macOS, how to read the output, and how to update to the latest release. Open a terminal (or Command Prompt on Windows) and run:
🌐
Cloudzy
cloudzy.com › home › blog › security & networking › how to install openssl on windows 10 & 11
How to Install OpenSSL on Windows 10 & 11 · Cloudzy Blog
September 21, 2025 - While technically possible by ... know how to update OpenSSL on Windows to a newer version, uninstall the current version first, then install the updated version to avoid configuration issues....
🌐
Stack Overflow
stackoverflow.com › questions › 72266514 › how-do-i-update-openssl-on-windows-10-from-1-1-1h-to-1-1-1o
How do I update OpenSSL on Windows 10 from 1.1.1h to 1.1.1o - Stack Overflow
Since we're talking about Windows, I think each application that uses OpenSSL probably comes with its own copy, which could be in a DLL file or directly linked into an EXE. Which specific applications are you concerned about? How do you know you have 1.1.1h and how did you install that? ... @DavidGrayson: historically native Windows apps did that, but Win10 up has WSL where the library handling and update methods are the same as a selected Unix distro, and all versions of Win (at least NT up) have had other Unix-like schemes such as gnuwin32 and cygwin/mingw/mingw64 each with their own library scheme.
🌐
Serverpronto
serverpronto.com › kb › page.php
Update OpenSSL
... and upload it to your server. or you may command wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz (This was the latest version at the moment we wrote this article) ... Go to openssl-1.0.1g directory # make clean # ./config shared –prefix=/usr –openssldir=/usr/local/openssl # make && make test # make install 4. Done 5. Check the if you you have the latest version. Thus the openssl is updated to the latest one, and if not reboot your machine and check again.
Find elsewhere
Top answer
1 of 1
4

Hello

I’m Adeyemi and I’d be happy to help you with your question.

Updating OpenSSL when it's integrated within applications can be a bit tricky, but it's not impossible. Here are some general steps you can follow:

  1. Identify the Applications: Determine which applications on your system are using OpenSSL. This might require checking the documentation or contacting the software vendor.
  2. Check for Updates: Many applications bundle OpenSSL and will provide updates that include updated versions of OpenSSL when they become available. Check the software vendor's website or contact them directly to see if they have released an update.
  3. Recompile the Application: If the application's source code is available, and it's feasible, you could recompile the application with the updated OpenSSL library. This is a more technical approach and requires some knowledge of programming and compilation.
  4. Use a Package Manager: If you're using a package manager like vcpkg, you can update just OpenSSL and nothing else. This might not be applicable in all scenarios, especially if the application statically links OpenSSL.

If none of the above options are viable, your best bet would be to contact the vendor of the software and inquire about their plans for addressing the OpenSSL vulnerability.

Remember, it's crucial to test all changes in a safe and reversible manner, ideally in a non-production environment first. Always backup your data before making such updates.

I hope this helps.

Give back to the community. Help the next person who has this issue by indicating if this reply solved your problem. Click Yes or No below.

Kind regards, Adeyemi

🌐
Anaplan
support.anaplan.com › openssl-installation-steps-windows-os-6280772c-b8e3-4aa8-a49c-0d9d88640388
OpenSSL installation steps (Windows OS) | Anaplan Support
April 3, 2025 - It's best to install this program outside the Windows Directory. Install to "C:\" folder. 3. Once install is complete, navigate to "C: \OpenSSL-Win64\bin" and right-click on "openssl.exe" and select "Run as Administrator". 4. This will initiate a Command Prompt instance with OpenSSL. ... We update ...
🌐
Medium
medium.com › thesecmaster › step-by-step-procedure-to-install-openssl-on-the-windows-platform-37e7ccee682d
Step-By-Step Procedure To Install OpenSSL On The Windows Platform | by Arunkl | TheSecMaster | Medium
March 28, 2023 - >set OPENSSL_CONF=C:\Program ... Open Run using ‘Windows’ + ‘r’ then type ‘sysdm.cpl‘. Go to Advanced > Environment Variable....
🌐
Hostnoc
hostnoc.com › home › guide › how to install openssl on windows? [complete 64-bit and 32-bit guide]
How To Install OpenSSL On Windows? 64-bit And 32-bit Guide
June 24, 2024 - Download Windows installers only from trusted sources and choose the correct architecture: Win64 OpenSSL for 64-bit systems and Win32 OpenSSL for 32-bit systems. Install the required Visual C++ Redistributables before setup to avoid missing DLL and dependency errors. Configure the Path and OPENSSL_CONF environment variables to run OpenSSL commands directly from the Command Prompt or PowerShell.
🌐
MonoVM
monovm.com › blog › windows › install openssl on windows: complete step-by-step guide
Install OpenSSL on Windows: Complete Step-by-Step Guide
December 9, 2025 - You must update manually, but it’s easy. Perform a new OpenSSL Windows download from a trusted provider. ... Follow the same steps from the Windows OpenSSL setup guide. ... You now have everything you need to confidently install OpenSSL on Windows, configure your Windows OpenSSL environment variables, and begin using essential OpenSSL commands Windows professionals rely on.
🌐
Linux Mint
wilivm.com › blog › install-openssl-on-windows-10-11
Install OpenSSL on Windows 10/11: A Step-by-Step Guide
September 30, 2024 - If your user account doesn’t have administrative privileges, right-click on the command prompt and choose “Run as administrator” for elevated access.<“C:\> winget install openssl”>The command line tool ‘winget’ ...
🌐
1Gbits
1gbits.com › home page › blog › cyber security & server protection › how to install openssl on windows (10/11) - full guide
OpenSSL Windows: A Comprehensive Guide to Installation ...
April 30, 2026 - If it's your first time using it, you may need to agree to the source terms by pressing 'Y'. Using package managers ensures your installation is clean and easy to update later with a simple winget upgrade openssl command.
Top answer
1 of 4
23

I finally made it, I installed OpenSSL 3.2.0-dev on Windows 11.

These are the detailed steps so that anyone in the future can do it:

I ended up using the first method, with C++, as seen here: https://github.com/openssl/openssl/blob/master/NOTES-WINDOWS.md#quick-start

Here are the instructions, I tried to make them as detailed as possible, let me know if it needs changes or fixes:

First steps: Installing the necessary software:

Step 1: Install Perl - Install the Strawberry version, much easier to install and it installs everything and also adds them automatically to the Windows PATH variables

Step 2: Install NASM, and add it to the Windows system (or your user's) PATH variables. I ended up adding it only to my user's variables PATH: C:\Users\<username>\AppData\Local\bin\NASM

Step 3: Install Visual Studio (I have Visual Studio Community 2022), and install the Desktop development with c++. I ended up choosing the following packages(I'm sure not all are necessary, but if you know, please let me know which ones are the ones I need so that I'll update the photo to avoid installing too many packages):

Step 4: Download and install the Build Tools for Visual Studio (I assume in the future this link will change so look for the Build Tools installation link for your Visual Studio version): https://visualstudio.microsoft.com/downloads/#build-tools-for-visual-studio-2022

Step 5: After installing the build tools, launch the Visual Studio installer. In the installer, you will now see the Build Tools. Click on "Modify" under the Visual Studio Build Tools:

And then install the needed packages for the OpenSSL installation, it's what's going to install nmake:

Then, the build and installation steps:

Step 6: Clone the openssl repository to some folder on your PC (I cloned it in C:/ so I ended up having C:/openssl/), and fix the line endings by running the following commands:

> git clone git://git.openssl.org/openssl.git

> cd openssl
> git config core.autocrlf false
> git config core.eol lf
> git checkout .

Update: If you want another version, clone the repository without checking out, fix the line-endings and then checkout to the version you want. For example if you want 3.1.0 stable (Note the -n flag for no-checkout):

> git clone -n git://git.openssl.org/openssl.git

> cd openssl
> git config core.autocrlf false
> git config core.eol lf
> git checkout openssl-3.1.0

Step 7: In Windows Search, search for "Developer Command Prompt for VS 2022" (Or any of your versions), and run it as administrator:

Which will open this command window:

Step 8: You need to set the right environment for the version of OpenSSL you want to install, otherwise build will fail. In my case, I wanted to install OpenSSL for 64-bit systems, copy-paste the following (including the quotes, and change the path according to your Visual Studio installation path):

"C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Auxiliary\Build\vcvars64.bat"

which will then set the environment, as seen here:

Step 9: From the same Developer Command Prompt, cd into the folder you cloned the openssl source code, in my case it was C:/openssl, and then follow the steps from the OpenSSL guide:

> perl Configure VC-WIN64A
> nmake
> nmake test
> nmake install

Note that these steps take time, it took me around 20-30 minutes to finish all these 4 commands

Step 10: That's it! It's installed! You can find the OpenSSL executable (openssl.exe) at C:\openssl\apps. (And add it to Windows system or user's PATH variables if you want)

In my case when I run openssl version I see OpenSSL 3.2.0-dev (Library: OpenSSL 3.2.0-dev )

2 of 4
16

If you have Git installed in your local, open git bash, and use the command openssl. It should work

🌐
TheSecMaster
thesecmaster.com › blog › step-by-step procedure to install openssl on a windows machine
Install OpenSSL on Windows: Quick Setup Guide
September 2, 2024 - >set OPENSSL_CONF=C:\Program ... Open Run using ‘Windows’ + ‘r’ then type ‘sysdm.cpl‘. Go to Advanced > Environment Variable....
🌐
SSL Dragon
ssldragon.com › home › tutorials › openssl tutorials › how to install openssl on windows
How to Install OpenSSL On Windows - SSL Dragon
February 13, 2025 - This guide shows you how to install OpenSSL on Windows, add it to your PATH, verify it, and fix the issues that most often come up. Quick answer: download the OpenSSL installer from Shining Light Productions, run it, add the OpenSSL bin folder to your system PATH, then confirm the installation by running openssl version in Command Prompt.
🌐
TecAdmin
tecadmin.net › install-openssl-on-windows
How To Install OpenSSL on Windows – TecAdmin
April 26, 2025 - Use the following commands to set the environment for the current session only: set OPENSSL_CONF=C:\OpenSSL-Win64\bin\openssl.cfg set Path=%Path%;C:\OpenSSL-Win64\bin · Set Variables Permanently – You can also set the OPENSSL_CONF and Path environment variables in the system permanently. To set the environment variable follow: Press Windows + R keys together to open run window, Then type “sysdm.cpl” in the Run dialog box and hit Enter.
🌐
Xolphin
xolphin.com › support › manuals › openssl
OpenSSL - Installation under Windows
Leave the default Startmenu folder(OpenSSL) and click on Next. Leave the The Windows system directory and click on Next.