HP OpenVMS Systems

SSL (Secure Sockets Layer)

HP SSL for OpenVMS

Hewlett-Packard is pleased to provide you with the HP-supported HP SSL Version 1.4-502 for OpenVMS based on OpenSSL 0.9.8ze and includes the following latest security updates from OpenSSL.org.

Vulnerabilities CVE/CAN:

  • CVE-2014-3571
  • CVE-2014-3569
  • CVE-2014-3572
  • CVE-2015-0204
  • CVE-2014-8275
  • CVE-2014-3570

»  Download HP SSL Version 1.4-502 for OpenVMS Integrity servers and Alpha   (April, 2015)

HP SSL is not Backward Compatible!

The HP SSL Version 1.4 for OpenVMS is based on the 0.9.8h baselevel of OpenSSL. Some of the OpenSSL API, data structure and command are changed from the previous HP SSL version 1.3 (based on OpenSSL 0.9.7e).

If you were running a version of HP SSL prior to Version 1.4 and your application is dependent upon the SSL, you must recompile and re-link your code after you upgrade to Version 1.4.

You must recompile and re-link your code with the latest SSL header files and shareable images if you see the following error:

    $ run ssl_test
    %DCL-W-ACTIMAGE, error activating image SSL$LIBSSL_SHR32
    -CLI-E-IMGNAME, image file
    -SYSTEM-F-SHRIDMISMAT, ident mismatch with shareable image

For information about installing HP SSL Version 1.4 and HP SSL Version 1.3, see the HP SSL Installation Guide and Release Notes.

For detailed information about HP SSL, including example programs, information about programming your HP SSL for OpenVMS application, and reference information for the OpenSSL APIs, see the HP Open Source Security for OpenVMS, Volume 2: HP SSL for OpenVMS.

Secure Sockets Layer (SSL) is the open standard security protocol for the secure transfer of sensitive information over the Internet. SSL provides three things: privacy through encryption, server authentication, and message integrity. Client authentication is available as an optional function.

Securing communication channels to OpenVMS applications over a TCP/IP connection can be accomplished through the use of SSL. The OpenSSL APIs establish private, authenticated and reliable communications links between applications.

Following is the list of HP products or components that are dependent on HP SSL. For the products that are compatible with HP SSL Version 1.4, see the product website.

If any of the products are dependent on these dependent products, such products will also not work.

For example, iCAP/nPar which is dependent on HP WBEM Services will not work.
$ backup/encrypt command which is dependent on Encrypt will not work.

» If application migration from HP OpenVMS SSL V1.3 to V1.4 is not possible immediately, a temporary work around is provided in the "Advisory for HP OpenVMS SSL users on OpenVMS V8.4 for Integrity servers and Alpha platform".

HP SSL Version 1.4-502 for OpenVMS Alpha and Integrity servers are backward compatible with HP SSL Version 1.4 or later versions.

For more information on OpenVMS partner support, please see your local HP representative or contact us ›.