wolfSSL is a lightweight, high-performance SSL/TLS library providing secure communication with support for the latest TLS 1.3 and DTLS 1.3 protocols, optimized for embedded and resource-constrained environments.
The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!
wolfSSL is primarily used by developers building embedded systems, IoT devices, or applications requiring secure data transmission with minimal resource consumption. It enables these users to implement modern TLS/SSL encryption and authentication efficiently across various platforms, from embedded devices to cloud environments.
wolfSSL disables SSLv3 by default and removes support for static key cipher suites to enhance security; users must enable DH or ECC for TLS cipher suites. Certificate verification is strict by default, requiring CA loading to avoid connection errors. MD5 is disabled by default as of release 5.8.2. The library is now licensed under GPLv3. Avoid disabling verification in production environments to maintain security.
Download or clone the repository from GitHub
Build the library using the provided build system (typically make or cmake)
Configure build options to enable required protocols and ciphers
Link the wolfSSL library to your application
Include wolfSSL headers in your source code
Optionally enable OpenSSL compatibility API for easier migration
Refer to the wolfSSL manual for detailed configuration and platform-specific instructions
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
Disable server certificate verification to mimic OpenSSL behavior (not recommended for production).
Define WOLFSSL_STATIC_DH, WOLFSSL_STATIC_RSA, or WOLFSSL_STATIC_PSK
Enable deprecated static key cipher suites if needed (not recommended due to security risks).
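A check a reviewer can run before release, added here as an example and not taken from the wolfSSL project: it scans a source tree for the two weakened settings named above. The function names, sample files and file names are constructed for the illustration, and matching the OpenSSL compatibility constant SSL_VERIFY_NONE alongside WOLFSSL_VERIFY_NONE is an added generalization.

```shell
#!/bin/sh
# Added example (not wolfSSL project code): list where a tree weakens the defaults.
# Print "file:line: reason" for each risky setting found under directory $1.
audit_wolfssl_settings() {
    dir=$1
    skip='^[^:]+:[0-9]+:[[:space:]]*(//|/\*|\*)'   # lines that are only a C comment
    # 1. Peer verification switched off (native or OpenSSL-compat constant).
    grep -rnHE '(^|[^A-Za-z0-9_])(WOLF)?SSL_VERIFY_NONE([^A-Za-z0-9_]|$)' "$dir" \
        | grep -vE "$skip" \
        | sed -E 's/^([^:]+:[0-9]+):.*/\1: certificate verification disabled/'
    # 2. Static key suites re-enabled by #define or a -D compiler flag.
    grep -rnHE '(#[[:space:]]*define[[:space:]]+|-D)WOLFSSL_STATIC_(DH|RSA|PSK)([^A-Za-z0-9_]|$)' "$dir" \
        | grep -vE "$skip" \
        | sed -E 's/^([^:]+:[0-9]+):.*WOLFSSL_STATIC_(DH|RSA|PSK).*/\1: static \2 cipher suites enabled/'
    return 0
}

# Build a small constructed tree to scan and print its path.
make_sample_tree() {
    d=$(mktemp -d)
    cat > "$d/client.c" <<'EOF'
/* constructed sample: weak form from the text above */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
// SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
EOF
    cat > "$d/client_ok.c" <<'EOF'
/* constructed sample: strict form, CA loaded and peer verification on */
wolfSSL_CTX_load_verify_locations(ctx, "ca-cert.pem", NULL);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
EOF
    cat > "$d/user_settings.h" <<'EOF'
#define WOLFSSL_STATIC_RSA
// #define WOLFSSL_STATIC_DH
EOF
    printf 'CFLAGS += -DWOLFSSL_STATIC_PSK -O2\n' > "$d/flags.mk"
    printf '%s\n' "$d"
}

# Demo run: three findings are printed; commented-out lines and client_ok.c are not.
tree=$(make_sample_tree)
audit_wolfssl_settings "$tree"
rm -rf "$tree"
```

The scan is line-based, so a call split across several lines is still caught by the constant itself, but a setting hidden behind another macro is not.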