This OpenSSL CNG Engine project implements an engine for transparently leveraging Windows' Cryptography API: Next Generation (CNG) with OpenSSL 1.1.1. It supports CNG's Cryptographic Primitives as well as some of its Key Storage and Retrieval mechanisms and legacy CryptoAPI (CAPI) functionality for certificates.


  • OpenSSL engine that redirects the EVP high-level cryptographic functions to their equivalent algorithms implemented by CNG Cryptographic Primitive Functions.
  • Implementation of an OpenSSL STORE that supports enumerating over, addressing and using public key certificates and (private) keys stored in the Certificate Store.


  • Combine the flexibility of OpenSSL and the robust security of Windows CNG
  • Ensure compliance with IT policies and market regulations by using certified algorithms in OpenSSL applications
  • Leverage the Windows Certificate Store to securely manage certificates in OpenSSL applications, instead of using plain text files


RTI Labs Project Type: Integration tool

Support: This RTI product is an Open Source project. We only offer support through the RTI Community Forum where fellow users and RTI engineers can help you. If you encounter any issue while using the OpenSSL CNG Engine, you can also open a ticket in the issues section of the repository. Additionally, along with your questions, we encourage you to post your feedback on the RTI Community Forum! 

Feedback: RTI welcomes feedback via the RTI Community Forum.

Platform Support:

  • Windows 10
Product Compatibility: 
  • RTI Connext DDS Secure version and up
  • Tested with VS2017 and VS2019, with the latest Windows SDKs
  • Tested with OpenSSL 1.1.1k


Access the RTI’s OpenSSL CNG Engine code here.


RTI’s OpenSSL CNG Engine documentation is located in the RTI Community GitHub repository.

The User’s Manual is available on Read the Docs.

Join the RTI Community

Post your questions, search through our Knowledge Base, and get the most from your DDS experience by joining the RTI Community!