20 years ago, on the 23rd December 1998, the first version of OpenSSL was released. OpenSSL was not the original name planned for the project but it was changed over just a few hours before the site went live. Let’s take a look at some of the early history of OpenSSL as some of the background has not been documented before.
Back in the late 1990’s, Eric Young and Tim Hudson were well known for their work on the open source SSLeay library. SSLeay was widely used with Apache and (then) third party SSL modules to create open source secure web servers. In 1998 they both worked for C2Net, enhancing SSLeay and the products using it. C2Net was known for its flagship product, the Stronghold web server, a packaged and compiled product built on open source software with both support and, crucially, the ability to be used world-wide with strong encryption. It seems trivial now but back then cryptography products exported from the US like web servers and browsers were hobbled to use limited weak cryptography.