OpenSSL 4.0.0 Release Cuts Deprecated Protocols And Gains Post-Quantum Support
Help Net Security, Friday, April 10th, 2026
OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for applications built against older versions.
SSLv3 support has been removed. The protocol was deprecated in 2015, and OpenSSL had it disabled by default since version 1.1.0 in 2016. Support for the SSLv2 Client Hello has also been removed.
The engine API, which provided a mechanism for integrating external cryptographic hardware and software implementations, has been removed entirely.