> > Can you not link against the OpenSSL DLLs rather than statically link? > That would avoid the problem. It introduces other problems. It means either shipping the OpenSSL DLLs or requiring the customer provide them; the former can have legal implications (cryptographic export licensing, for example), while the latter is a usability issue. It means the calling library no longer controls what version of OpenSSL is used, since the DLLs can be replaced. I haven't looked at the 1.1.x source to see what OPENSSL_cleanup is doing, but it certainly sounds like a bad idea. What kind of cleanup needs to happen at process exit (in the typical environment in which OpenSSL is used)? I suppose I'll have to take a look at the source, but I'd be very interested to hear the rationale. Michael Wojcik Distinguished Engineer, Micro Focus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users