Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-17193

Add a directory for OpenSSL providers configuration

XMLWordPrintable

    • openssl-3.0.7-26.el9
    • None
    • None
    • 2
    • rhel-sst-security-crypto
    • ssg_security
    • 26
    • 0.5
    • QE ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q1, Crypto23Q4
    • Enhancement
    • Hide
      .OpenSSL adds a drop-in directory for provider configuration

      The OpenSSL TLS toolkit supports provider APIs for installation and configuration of modules that provide cryptographic algorithms. With this update, you can place provider-specific configuration in separate `.conf` files in the `/etc/pki/tls/openssl.d` directory without modifying the main OpenSSL configuration file.
      Show
      .OpenSSL adds a drop-in directory for provider configuration The OpenSSL TLS toolkit supports provider APIs for installation and configuration of modules that provide cryptographic algorithms. With this update, you can place provider-specific configuration in separate `.conf` files in the `/etc/pki/tls/openssl.d` directory without modifying the main OpenSSL configuration file.
    • Done
    • None

      We want to install 3rd-party providers and activate them in load time

      OpenSSL supports a mechanism of including files from a directory when all of the files in that directory are parsed on load and openssl is configured accordingly.

      We need to create the directory for provider configuration files on installation and add the corresponding include directive to openssl.cnf 

              dbelyavs@redhat.com Dmitry Belyavskiy
              dbelyavs@redhat.com Dmitry Belyavskiy
              Dmitry Belyavskiy Dmitry Belyavskiy
              Alicja Kario Alicja Kario
              Jan Fiala Jan Fiala
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: