> Just wanted to report that our private code update to move on > from OpenSSL 1.1.1 to 3.0 Beta 2 is successful. Likewise, I've updated our Windows code to use 3.0 easily, been running one public web server for three weeks. Only frustration has been the change of PKCS12 password encryption to AES256 from 3DES, since Microsoft only added AES256 support in October 2017 and older versions of Windows can only install PKCS12 3DES encrypted files, which requires the OpenSSL 3.0 legacy provider to be loaded. I believe the earliest versions of Windows to support AES256 are Windows Server 2016 v1709 and Windows 10 v1709. Also the legacy.dll does not load automatically from the same path as the main DLLs, but needs OSSL_PROVIDER_set_default_search_path to be set first. Not looked at replacing low level RSA and EC APIs yet. Angus
