How to use .Net Core with Openssl3 on Mac OS?

Question

I am using Aes.Gcm encryption but it seems it is not supported by default OpenSSL version on Mac OS and I am getting following error:

 System.PlatformNotSupportedException: Algorithm 'AesGcm' is not supported on this platform.

So I installed OpenSSL 3 with brew instal openssl and as suggested by homebrew I ran:

$ echo 'export PATH="/usr/local/opt/openssl@3/bin:$PATH"' >> /Users/user/.bash_profile

No when I type openssl version in terminal I get:

OpenSSL 3.0.1 14 Dec 2021 (Library: OpenSSL 3.0.1 14 Dec 2021)

However I don't know how to force .Net Core to use this OpenSSL version. I am getting same error so I suppose .Net does not know which OpenSSL to load (the default one is still there - LibreSSL 2.8.3. It's just overwritten by PATH in .bash_profile).

How I can tell .Net compiler (or runtime?) to load OpenSSL v3? I am using net6.0 and Jetbrains Rider IDE (maybe I can set Openssl version / path in IDE somehow).

Answer 1

You'll need to point the runtime to the location of the OpenSSL binaries using environment variables.

To get things working from your IDE, try adding something like the following to your launchSettings.json file:

{
  "$schema": "https://json.schemastore.org/launchsettings.json",
  "profiles": {
    "MyProjectName": {
      "commandName": "Project",
      "applicationUrl": "https://localhost:7069;http://localhost:5042",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development",
        "DYLD_LIBRARY_PATH": "/opt/homebrew/opt/openssl@3/lib"
      }
    }
  }
}

The important part here is the line that sets the DYLD_LIBRARY_PATH variable. You'll need to do something similar in your deployment environment too.

---

To get things working in the Rider test runner you'll probably have to change your .sln.DotSettings file. The easiest way to do this is to using the Rider UI. Go to Preferences > Build, Execution, Deployment > Unit Testing > Runner and add the environment variable using the controls at the bottom of the dialog.

My .sln.DotSettings file ended up looking like this (but with horrible formatting):

<wpf:ResourceDictionary
    xml:space="preserve"
    xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
    xmlns:s="clr-namespace:System;assembly=mscorlib"
    xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml"
    xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
    <s:String
        x:Key="/Default/Housekeeping/UnitTestingMru/UnitTestRunner/EnvironmentVariablesIndexed/=DYLD_005FLIBRARY_005FPATH/@EntryIndexedValue">/opt/homebrew/opt/openssl@3/lib
    /s:String>
</wpf:ResourceDictionary>

---

To get tests working from the command line, I'd recommend adding a .runsettings file and referencing it from your .csproj file.

My .runsettings file looks like this:

<?xml version="1.0" encoding="utf-8"?>
<RunSettings>
    <RunConfiguration>
        <EnvironmentVariables>
            <DYLD_LIBRARY_PATH>/opt/homebrew/opt/openssl@3/lib</DYLD_LIBRARY_PATH>
        </EnvironmentVariables>
    </RunConfiguration>
</RunSettings>

and my project file looks something like this:

<Project Sdk="Microsoft.NET.Sdk">

    <PropertyGroup>
        <Authors>Dave Watts</Authors>
        ....
        <RunSettingsFilePath>$(ProjectDir).runsettings</RunSettingsFilePath>
    </PropertyGroup>

Answer 2

Instead of messing with env variables, just link it to defaultly searched location:

sudo ln -s /opt/homebrew/lib/libssl.3.dylib /usr/local/lib/