What Is New in OpenSSL 1.0.2
| Category | Highlights |
|---|---|
| New Features | Full TLS 1.2 support; ChaCha20-Poly1305 AEAD cipher |
| Improvements | RSA key generation uses less memory and runs faster |
| Bug Fixes | |
| Breaking Changes | SSLv2 and SSLv3 disabled by default |
| Deprecations | MD5 no longer in the default digest list |
How does OpenSSL 1.0.2 enable full TLS 1.2 support?
OpenSSL 1.0.2 adds native TLS 1.2 handshake logic and exposes the full TLS 1.2 cipher suite list through the SSL_CTX_set_cipher_list API.
In practice this means you can enable modern ciphers such as AES-GCM and ChaCha20-Poly1305 with a single configuration line:
```c
SSL_CTX_set_cipher_list(ctx, "TLSv1.2:!aNULL:!MD5");
```
Watch out for legacy clients that only support TLS 1.0; you may need to keep a fallback SSLv23_method if backward compatibility is required.
What new AEAD cipher does OpenSSL 1.0.2 introduce for mobile performance?
OpenSSL 1.0.2 ships with the ChaCha20-Poly1305 AEAD cipher, which outperforms AES-GCM on CPUs without AES-NI.
Production teams can enable it by adding "CHACHA20-POLY1305" to the cipher string:
```c
SSL_CTX_set_cipher_list(ctx, "CHACHA20-POLY1305:HIGH");
```
This matters if your workload runs on ARM-based servers or mobile devices where hardware AES acceleration is unavailable.
Why are SSLv2 and SSLv3 disabled by default in OpenSSL 1.0.2?
SSLv2 and SSLv3 are disabled by default because they are considered insecure and have known protocol-level vulnerabilities.
To re-enable them you must explicitly clear the SSL_OP_NO_SSLv2 and SSL_OP_NO_SSLv3 options (the inverse of setting them with SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) and SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3)), or use the legacy SSLv23_method with appropriate options.
Most teams can drop support for these protocols without impact, simplifying compliance audits.
How have RSA key generation performance and memory usage changed in OpenSSL 1.0.2?
OpenSSL 1.0.2 reduces the memory footprint of RSA key generation by up to 30% and speeds up the operation on modern CPUs.
Internally the BIGNUM allocation strategy was tuned and the Miller-Rabin primality test now uses a tighter bound for the number of rounds.
In practice you'll notice faster startup for services that generate temporary RSA keys on the fly, such as TLS-terminating proxies.
FAQ
Does OpenSSL 1.0.2 support TLS 1.2 by default?
Yes, TLS 1.2 is enabled out of the box and you can select its ciphers with the SSL_CTX_set_cipher_list call.
Can I still use the old SSLv23_method in OpenSSL 1.0.2?
You can, but you must explicitly enable the legacy protocols because they are disabled by default.
What command shows the available cipher suites in OpenSSL 1.0.2?
Run openssl ciphers -v to list all supported ciphers including the new ChaCha20-Poly1305 suite.
Is the MD5 digest still available for HMAC in OpenSSL 1.0.2?
MD5 is still compiled but it is no longer part of the default digest list and is discouraged for new applications.
How do I test a server for TLS 1.2 compatibility with OpenSSL 1.0.2?
Use openssl s_client -connect example.com:443 -tls1_2 to initiate a TLS 1.2 handshake.
Will existing applications need code changes to compile against OpenSSL 1.0.2?
Most applications will compile unchanged, but any code that explicitly disables TLS 1.2 or uses deprecated SSLv23_method may need adjustments.