What's wrong with the OpenSSL Api? It is overcomplex and hard to use, the best documentation is the "openssl" application code. The openssl application is not suitable for production use. Yet it gets used as the "example code" to develop production applications. For example: Which family of functions do you call to negotiate the highest mutually supported version of TLS with a peer - in future proof code? TLS_1_XXX TLS_1_2_XXX TLS_1_1_XXX SSL_3_XXX SSL23_XXX