Version of OpenSSL

My domain is:

I got a notification from a security scanner that my site is vulnerable and I need to upgrade to OpenSSL 1.1.1L or beyond.

Is there a way for me to tell which version of OpenSSL my Let's Encrypt certificate is running?

My hosting provider, if applicable, is: Siteground

Your certificate has nothing to do with your OpenSSL version.

It needs one, but you can upgrade it or replace it (with gnuTLS, rustTLS, etc...) at will*

*(subject to your distribution and hosting provider limits.)

To see what version of OpenSSL you're running, open a shell and run openssl version


Take advice from automated security scanners with a grain of salt. Sometimes, advice like this is wrong and useless. It really depends what the scanner is, what the vulnerability/reason is. In other words, it requires interpretation. Siteground are probably already staying on top of important updates on their shared servers. Since it is a shared server, you can't do anything about it anyway.


Ok, I am pretty confident you have nothing to worry about.

Maybe, just maybe, you should have a look here:


Were they thoughful enough to also provide you with their (malicious) link to such an "upgrade"?
I would never trust something you didn't request... OR did you request such a scamn?


Now that I think of it, where does a webserver leak its openssl version?


It likely doesn't, they are using some sort of "fingerprinting".
OR just a straight up lie.


Thank you! When you say open a shell, you mean SSH in Terminal right? Sorry. This is not my area of expertise.

1 Like

Thank you! That is Siteground's position, that everything is current and secure. I just don't know enough about it.


This is super helpful.

That is great advice. In this case, it is something that we had scheduled, along with dark web email scans and such.

1 Like

Yes, I mean SSH.

1 Like

I believe most default installs of Apache will show it in the Server HTTP header (or at least they used to). I know I've used ServerTokens Prod or something similar in the past to hide the OpenSSL so that a simplistic scanning took didn't think we had an outdated OpenSSL when it was fully patched. (CentOS/RHEL's habit of backporting security fixes without updating the main version number tends to cause a lot of false positives
with scanning tools in my experience.) That is, scanning tools would complain if they saw an old version number, but wouldn't complain if there wasn't a version number listed at all in the header.


Debian does the same. It makes sense: feature freeze, but security patches get applied. New features can break things.

Yeah, I think I remember some openssl version numbers in headers or server signatures, but we're talking a looong time ago. (And I'm not actually sure where I saw that)

1 Like

This sounds like a scam to me too.

@kjadams, Would you be able/willing to share the raw email message you received here, including headers?


There were no security patches in 1.1.1l that can be triggered in a nginx+openssl combination (what you're apparently running). It's hard to identify the exact openssl patch level someone's running (1.1.1 is obvious due to TLS 1.3), but there are no relevant patches in 1.1.1l, which is strange.

Having a closer look at your TLS configuration, I saw some very weird/unusual things*, but nothing outright insecure on the TLS layer (did not really look at HTTP/Wordpress).

*Among them were

  • neither x25519 nor P-256 being supported leading to frequent Hello Retries on TLS 1.3
  • DHE group being apparently neither the default nor a FF-DHE group (looks like custom 4096?)
  • slightly weird order of cipher suites, many unnecessary ciphers enabled

So I conclude with others.


You can check your OpenSSL version with the following command:
openssl version
OpenSSL 1.1.1f 31 Mar 2020
Also note in my case I am using Unbuntu 20.04 LTS and Unbuntu patches openssl
but does not change the letter version of openssl.

I am agreeing with @Nummer378
Latest News from OpenSSL is here

The OpenSSL Changelog can be found here
and if you follow the the links for 1.1.1 you can see the changes between the 1.1.1 letter versions

Here are the changes from 1.1.1l to 1.1.1m
Changes between 1.1.1l and 1.1.1m [14 Dec 2021]

*) Avoid loading of a dynamic engine twice.

 [Bernd Edlinger]

*) Fixed building on Debian with kfreebsd kernels

 [Mattias Ellert]

*) Prioritise DANE TLSA issuer certs over peer certs

 [Viktor Dukhovni]

*) Fixed random API for MacOS prior to 10.12

 These MacOS versions don't support the CommonCrypto APIs

 [Lenny Primak]

Here are the changes from 1.1.1k to 1.1.1l
Changes between 1.1.1k and 1.1.1l [24 Aug 2021]

*) Fixed an SM2 Decryption Buffer Overflow.

 In order to decrypt SM2 encrypted data an application is expected to call the
 API function EVP_PKEY_decrypt(). Typically an application will call this
 function twice. The first time, on entry, the "out" parameter can be NULL and,
 on exit, the "outlen" parameter is populated with the buffer size required to
 hold the decrypted plaintext. The application can then allocate a sufficiently
 sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL
 value for the "out" parameter.

 A bug in the implementation of the SM2 decryption code means that the
 calculation of the buffer size required to hold the plaintext returned by the
 first call to EVP_PKEY_decrypt() can be smaller than the actual size required by
 the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is
 called by the application a second time with a buffer that is too small.

 A malicious attacker who is able present SM2 content for decryption to an
 application could cause attacker chosen data to overflow the buffer by up to a
 maximum of 62 bytes altering the contents of other data held after the
 buffer, possibly changing application behaviour or causing the application to
 crash. The location of the buffer is application dependent but is typically
 heap allocated.
 [Matt Caswell]

*) Fixed various read buffer overruns processing ASN.1 strings

 ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING
 structure which contains a buffer holding the string data and a field holding
 the buffer length. This contrasts with normal C strings which are repesented as
 a buffer for the string data which is terminated with a NUL (0) byte.

 Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's
 own "d2i" functions (and other similar parsing functions) as well as any string
 whose value has been set with the ASN1_STRING_set() function will additionally
 NUL terminate the byte array in the ASN1_STRING structure.

 However, it is possible for applications to directly construct valid ASN1_STRING
 structures which do not NUL terminate the byte array by directly setting the
 "data" and "length" fields in the ASN1_STRING array. This can also happen by
 using the ASN1_STRING_set0() function.

 Numerous OpenSSL functions that print ASN.1 data have been found to assume that
 the ASN1_STRING byte array will be NUL terminated, even though this is not
 guaranteed for strings that have been directly constructed. Where an application
 requests an ASN.1 structure to be printed, and where that ASN.1 structure
 contains ASN1_STRINGs that have been directly constructed by the application
 without NUL terminating the "data" field, then a read buffer overrun can occur.

 The same thing can also occur during name constraints processing of certificates
 (for example if a certificate has been directly constructed by the application
 instead of loading it via the OpenSSL parsing functions, and the certificate
 contains non NUL terminated ASN1_STRING structures). It can also occur in the
 X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.

 If a malicious actor can cause an application to directly construct an
 ASN1_STRING and then process it through one of the affected OpenSSL functions
 then this issue could be hit. This might result in a crash (causing a Denial of
 Service attack). It could also result in the disclosure of private memory
 contents (such as private keys, or sensitive plaintext).
 [Matt Caswell]

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.