Openssl Version for CST 4.0.1

kartheek · ‎09-18-2025

Hi,

I’ve downloaded CST 4.0.1 (Code Signing Tool) from NXP, and while reviewing the documentation in the docs folder—specifically UG10106—I came across section 3.1.1, which mentions that CST supports Ubuntu 22.04 and requires OpenSSL 3.2.0.

However, my current Ubuntu 22.04 system has OpenSSL 3.0.2 installed. I'm concerned that upgrading to OpenSSL 3.2.0 might break existing system dependencies. Do I really need to upgrade OpenSSL to use CST? If so, what’s the safest way to do it without affecting my system?

I’ve also attached a screenshot from UG10106 for reference.

Thanks,

Kartheek

Chavira · ‎09-18-2025

Hi @kartheek !
Thank you for contacting NXP Support!

The recommended version for CST tool is OpenSSL 3.2.0.

Unfortunately we don't have tested the version OpenSSL 3.0.2 with the tool, I recommend to try the CST tool with the version installed in your system and if the tool doesn't work as expected you should try installing the versions that we recommend in the user guide.

Best Regards,

Chavira