OpenSSL Version

That is a very open ended question, it does lots of things 🙂. It really depends on what you do with your Mac.

For most users it is simple enough to apply all of Apple's software updates to remain safe.

If you run web servers or other complex internet or production facing software you should do lots of reading & install the latest code (or run a Linux distro that stays current).

I don't have Sierra in front of me at the moment, so I can't say if it is current. Apple have a tendency to lag behind with many open source tools. Yours sort of looks close to the version in Apples open source directory…

https://opensource.apple.com/release/macos-10124.html - OpenSSL098-64.50.6 ?!

Do you want to install a version or know what Apple have installed already?

To see the Apple installed version info use this command in Terminal …

openssl version

You can use Macports, homebrew or compile it yourself to install the latest from source.

Hello Strange Ranger,

There is no OpenSSL version for the Mac. Years ago, Apple shipped a patched-up version of OpenSSL 0.9.8, getting all the way up to version "zh" according to your post. But for several years now, that has just been a compatibility library so that old, abandoned code from the 90s would still compile on a Mac. All developers should be using Apple's new security libraries instead. Any developer who wants to use OpenSSL should include the current version in their app.

Strange Ranger wrote:

so the ssl version will never change?

It will probably be removed altogether one day. To be clear, that library is not used. Apple flagged it as obsolete 6 years ago. All developers should have switched to Apple Common Crypto years ago. By dropping OpenSSL, Apple has already avoided at least one major security flaw.

Still? It will probably be installed by default for another 5 years. Otherwise, there would be all kinds of software that breaks. A significant portion of 3rd party Mac software only gets updated once a decade, if that. In 2002, Apple deprecated an old security protocol in its file sharing software. In 2011, Apple finally turned off support for that protocol by default. It was still installed, just unavailable unless the user manually enabled support for the old system. Every since 3rd party Mac-compatible file server appliance in the world broke on that day. In almost a decade, they had never bothered to read Apple's documentation. That is why the old OpenSSL will still be installed for the foreseeable future.