The OpenSSL Library no longer includes SSLv3
31 views
Skip to first unread message
Blog on OpenSSL Library
Apr 8, 2026, 9:00:28 PM (6 days ago) Apr 8
to openss...@openssl.org
Previous posts about the upcoming OpenSSL 4.0 release:
1. [removing ENGINE code](https://openssl-library.org/post/2025-12-18-remove-engines)
2. [removing deprecated functions for creating or modifying custom METHODS](https://openssl-library.org/post/2026-02-03-remove-methods)
3. [no longer registering a function via atexit function](https://openssl-library.org/post/2026-03-10-remove-atexit)
4. [adding ECH support](https://openssl-library.org/post/2026-03-11-ech)
## Summary
Secure Sockets Layer version 3.0 (SSLv3) was deprecated in [RFC
7568](https://www.rfc-editor.org/rfc/rfc7568). SSLv3 was disabled at build-
time in OpenSSL 1.0.2h by default. As of OpenSSL 4.0, SSLv3 support has been
removed altogether.
In addition, OpenSSL no longer supports the SSLv2 Client Hello.
URL: https://openssl-library.org/post/2026-04-07-ssl3/
1. [removing ENGINE code](https://openssl-library.org/post/2025-12-18-remove-engines)
2. [removing deprecated functions for creating or modifying custom METHODS](https://openssl-library.org/post/2026-02-03-remove-methods)
3. [no longer registering a function via atexit function](https://openssl-library.org/post/2026-03-10-remove-atexit)
4. [adding ECH support](https://openssl-library.org/post/2026-03-11-ech)
## Summary
Secure Sockets Layer version 3.0 (SSLv3) was deprecated in [RFC
7568](https://www.rfc-editor.org/rfc/rfc7568). SSLv3 was disabled at build-
time in OpenSSL 1.0.2h by default. As of OpenSSL 4.0, SSLv3 support has been
removed altogether.
In addition, OpenSSL no longer supports the SSLv2 Client Hello.
URL: https://openssl-library.org/post/2026-04-07-ssl3/
Reply all
Reply to author
Forward
0 new messages