Mbed TLS is now part of TrustedFirmware.org.

OpenSSL Alternative


OpenSSL is still used in many places as the SSL library for applications. Is it because there is great OpenSSL documentation? No. Is it because the OpenSSL API is intuitive? No. Is it because there is no good replacement for OpenSSL? No. Then why? Because it is most used SSL library in education, books and examples. We are trying to change that!

SSL vs OpenSSL

SSL is the actual SSL protocol as it is defined in a number of Internet standard documents, called RFCs. SSL and the successor TLS are well established as secure transport protocols. OpenSSL is an SSL library that implements (part) of that protocol. So in the question "SSL vs OpenSSL", or "OpenSSL vs SSL", the answer is: OpenSSL is an implementation and SSL is the standard it implements.

OpenSSL vs Mbed TLS

Mbed TLS is a direct replacement for OpenSSL when you look at the standards. If you look at our Features you will see similar items as on the OpenSSL feature list. The major difference is the way we make the code. We aim to help you make better applications. We provide as many documentation, examples and support as you need to be happy with the result.

Mbed TLS does not yet offer an OpenSSL API. We try to make things intuitive and in most cases that means, doing it differently than the OpenSSL API. Functionally they do the same, but from a pure interface perspective, the OpenSSL API differs from the Mbed TLS API in a lot of places.

Replacement for OpenSSL

Mbed TLS can be used as a replacement for OpenSSL or other SSL libraries. The best way to start is to look at the example applications in programs/ in the Mbed TLS tarball you can download. In addition there are multiple examples and guides in our Knowledge Base.