Building OpenSSL for x86 and x64 on Windows for side by side deployment

The Server Framework’s OpenSSL Option Pack integrates OpenSSL with my high performance server tool kit and gives you an IOCP based client or server that can handle many thousand concurrent connections with very few threads. The OpenSSL Option Pack has been around for over 10 years now and, as well as the SChannel Option Pack provides an easy way to add SSL or TLS to your clients and servers.

Updated 26th April 2023

The latest scripts for OpenSSL 3.x can be found here.

The one problem with OpenSSL is building new releases. It’s probably just me, but I like to have both x86 and x64 libraries in the same directory with different names and I like to have just the bare minimum of headers and libraries as a simple “distributable” that I can hand to new clients if they’d rather skip the tedium of building it themselves. New releases happen frequently enough to be annoying and infrequently enough for me to forget the magic required to build things the way I like them; so I’ve scripted the process.

The x86 build is pretty straight forward but you need to set up paths for the compiler, and for Perl, and you need to run the OpenSSL configure script correctly and then call the correct build script… Once that’s done I then do the same again but for the debug versions. Then some file copying gives me a tree which includes just the include files and the libraries rather than all of the source and objects. The scripts for the 0.9.x releases and the 1.0.x releases are slightly different as the 1.0.x releases are slightly more complex as they also need NASM.

In typical “this code is from a Unix background and the Windows version is always a bit of an afterthought” style, the makefiles that come with OpenSSL assume you want either x86 or x64 but not both. Given how I build software I find it better to have a single side-by-side installation of both x86 and x64 libraries and so this means that we need to massage the makefiles a little; first so that we can build to separate output directories for x64 (for when you need a build tree with both sets of objects) and second so that we have libraries with different names to the x86 libs (I went for ssleay64 and libeay64 rather than the “32” versions for x86). I use ssed for this and create new makefiles with the various settings changed.

Updated 11 September 2012 I’ve added some more post processing of the makefiles to generate pdb files for all builds, call them something sensible, and copy them to the minimal deploy directory structure along with the libs.

Finally I build a zip file for the compiled distribution so that it’s easy for me to install and make available to clients who would like it. That script is pretty simple, but saves me having to think.

  • The scripts for the 0.9.x releases of OpenSSL can be downloaded from here.

  • The scripts for the 1.0.x releases of OpenSSL can be downloaded from here.

As is usually the way with my blog postings, this entry is mainly for me so that when I next forget how to do this, or can’t find the scripts, I can search the internet with Google and get a hit for how to do it…