OpenSSL 1.1 (finally) Released

OpenSSL Download Page
OpenSSL Download Page

We have been awaiting OpenSSL 1.1 for some time. It is the first version of OpenSSL that will support Intel QuickAssist Technology QAT out-of-the-box. On platforms such as the Cavium ThunderX we saw significant performance gains using the OpenSSL 1.1 beta. Suffice to say, ever since Rangeley’s release in September 2013, with its integrated QAT engine, this is the release we have been waiting for.

As of today, August 25, 2016 OpenSSL 1.1 is now available at the project’s download page. We will be providing some updated benchmark figures soon based on the new version.

OpenSSL Download Page
OpenSSL Download Page

If you look at Intel’s solution brief on OpenSSL with QAT acceleration, one can see that asynchronous performance is greatly improved with QAT.

Intel QuickAssist Asynchronous Performance
Intel QuickAssist Asynchronous Performance

Intel did send us some Quick Assist cards and let us know that we should pair them with multiple 40GbE adapters and high-end CPUs for the QAT machines and load generation nodes. We also ended up installing new 40GbE switches into the STH lab to handle the load from this and other machines we are testing. Suffice to say, the expected speed increases are significant. More on this testing soon.

OpenSSL is a widely used technology to encrypt web traffic. It is common for web servers and proxy servers to perform OpenSSL termination. Being able to accelerate performance of HTTPS and HTTP/2 connections is something that we are excited about as we look to transition the STH main site to HTTPS over the coming months.

More to come in the next few weeks. We will likely setup a machine or a set of machines in the DemoEval lab to test OpenSSL 1.1 for those interested. These technologies are not inexpensive to test but the performance impact is expected to be large hence why we will likely setup a dedicated demo in the near future.

The official change log can be found here.

Previous articleSix new Intel 3D NAND SSDs released
Next articleVMworld 2016 Day 1: Key Announcements
Patrick has been running STH since 2009 and covers a wide variety of SME, SMB, and SOHO IT topics. Patrick is a consultant in the technology industry and has worked with numerous large hardware and storage vendors in the Silicon Valley. The goal of STH is simply to help users find some information about server, storage and networking, building blocks. If you have any helpful information please feel free to post on the forums.


Please enter your comment!
Please enter your name here