OpenSSL libraries must be in the program directory (the best solution) or in the Windows\System32 directory (Windows\SysWOW64 - if 64-bit system and the library is 32-bit).
You also have to remember that Lazarus 3.6 is being released with FPC version 3.2.2, which supports OpenSSL versions 1.0.2 and 1.1 - it does not support version 3
The correct solution is: in the Windows\System32 directory if it is 64 bit and in Windows\SysWOW64 - if 64-bit system and the library is 32-bit or must be in the program directory (the lesser solution, but OK during development)
So the other way around.
That is a common and, frankly, disturbing mistake.
Always check if OpenSSL is correctly installed and always check the version.
The 64 bit openssl goes in windows32 <sic> and the 32 bit goes in sysWOW64. Keep the version up-to-date.
OpenSSL libs are known to be sourced from non-reputable sources. Just my two cents and don't write I did not warn you, again.
FPC 3.2.3 (fixes) supports openssl 3.X btw, it has nothing to do with Lazarus. I think 3.2.2 also supports it already because my bug report is over 5 years old.
When your code fails, you use a version where insecure protocols are dropped (all ssl, tls 1.0, maybe even tls 1.1 and tls 1.2)
That is a nuseanse, but a comfortable nuseance:It keeps your code safe.
And don't argue, makes you look stupid.
The biggest problem is your Windows is up-to-date and you are developing with an OpenSSL version that is way outdated.
- do not overwrite a version before you checked the version
- do only download OpenSSL from a reputable source, never use an included version thatb is distributed with an application