Work directly with the maintainers of the OpenSSL Library for faster fixes, expert consulting, and scalable support. Options include FIPS rebranding, PQC, custom solutions, and extended LTS for critical systems.
Designed for large enterprises using OpenSSL Library across multiple products or subsidiaries. Includes full coverage, platform expansion, and direct access to maintainers for extensive and specialized needs.
Tailored for mid-sized businesses relying on OpenSSL Library in core products. Provides direct maintainer access, FIPS rebranding, and extended release support at an accessible level.
For small and mid-sized businesses that depend on standard OpenSSL Library but lack internal resources for troubleshooting and maintenance. Provides essential portal access without extended services.
Talk to engineering. Tell us what you run, where the library lives in your stack, and what would happen if it broke. We’ll recommend the right tier — or scope something custom if none of the three fit.
Verified from the OpenSSL Corporation Annual Report 2025. We grew volume and improved response at the same time.
The OpenSSL Corporation actively collaborates with adjacent cryptographic projects to drive technical alignment, knowledge exchange, and long-term ecosystem sustainability.
Accredited cryptographic security test laboratory. Lightship Security is the engine of our FIPS 140 Rebranding Service — issuing your validated FIPS module on the OpenSSL Corporation's submission.
See the FIPS Rebranding ServiceActive technical alignment with Peter Gutmann's cryptlib. Two in-person coordination meetings in 2025.
Ongoing collaboration with David Hook (VP Software Engineering, Bouncy Castle) on cross-project technical alignment.
Supported with continuous-integration server resources to enable modern development practices.
Connects the OpenSSL Library with the Java ecosystem. Funded by the OpenSSL Corporation.
Selected partner for the nShield 5c HSM-based code signing environment securing OpenSSL Library releases.
Buying support is partly about knowing what you’re NOT buying. Here’s where we draw the line.
The library is open source. We support the version you build and deploy — on your schedule, not ours.
We collaborate with them and give them direct access to the maintainers.
Your infrastructure stays yours. We're the expertise behind the cryptography.
The library remains open source. The relationship is the support, not the software.
Onboarding starts with a kickoff session where we map the OpenSSL versions you depend on, the environments they run in, and how escalations should reach us. Timing depends on the complexity of your estate — get in touch and we’ll scope it.
Engineering tier includes one complimentary rebrand per year. Enterprise tier supports multiple rebrands annually, which matters if you ship validated modules across several products or release cycles.
Yes. The exact mechanics depend on your contract — reach out and we’ll work through it together. Most customers stay or grow: our 2025 renewal rate was 86%.
Yes — for needs that don’t fit the three tiers (PQC migrations, dedicated engineering hours, custom LTS windows), reach out and we’ll scope it together.
The OpenSSL Corporation team — the same engineers who maintain the library, including the people writing and reviewing the cryptographic code. No tiered call-center between you and the source.
