由于Mac系统再带的openssl版本太低,目前还是0.9.8系列(OpenSSL 0.9.8zh 14 Jan 2016) 主流协议、套件都不支持。比如:tls1.2、Google CT。

以前都是通过brew install openssl 解决

可是现在不行了,发现其作用的还是旧版,就算是执行 brew link openssl –force

通过openssl versionwhereis openssl 可以看到

brew install openssl时,注意可以看到一段提示:

A CA file has been bootstrapped using certificates from the system keychain. To add additional certificates, place .pem files in /usr/local/etc/openssl/certs

and run /usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local.

Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries

Generally there are no consequences of this for you. If you build your own software and it requires this formula, you’ll need to add to your build variables:

LDFLAGS: -L/usr/local/opt/openssl/lib CPPFLAGS: -I/usr/local/opt/openssl/include PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig


上面有提到,如果需要在编译程序时使用brew 安装的openssl库也给出了引用方式。


ln -s /usr/local/Cellar/openssl/1.0.2j/bin/openssl /usr/local/bin


  1. $PATH变量设置 /usr/local/bin 必须在最前面,起码在/usr/bin前面
  2. 这里使用的openssl 1.0.2j 请根据事件版本修改路径