Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-17193

Add a directory for OpenSSL providers configuration

    • openssl-3.0.7-26.el9
    • 2
    • sst_security_crypto
    • ssg_security
    • 26
    • 0.5
    • QE ack
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q1, Crypto23Q4
    • Enhancement
    • Hide
      .OpenSSL adds a drop-in directory for provider configuration

      The OpenSSL TLS toolkit supports provider APIs for installation and configuration of modules that provide cryptographic algorithms. With this update, you can place provider-specific configuration in separate `.conf` files in the `/etc/pki/tls/openssl.d` directory without modifying the main OpenSSL configuration file.
      Show
      .OpenSSL adds a drop-in directory for provider configuration The OpenSSL TLS toolkit supports provider APIs for installation and configuration of modules that provide cryptographic algorithms. With this update, you can place provider-specific configuration in separate `.conf` files in the `/etc/pki/tls/openssl.d` directory without modifying the main OpenSSL configuration file.
    • Done
    • None

      We want to install 3rd-party providers and activate them in load time

      OpenSSL supports a mechanism of including files from a directory when all of the files in that directory are parsed on load and openssl is configured accordingly.

      We need to create the directory for provider configuration files on installation and add the corresponding include directive to openssl.cnf 

            dbelyavs@redhat.com Dmitry Belyavskiy
            dbelyavs@redhat.com Dmitry Belyavskiy
            Dmitry Belyavskiy Dmitry Belyavskiy
            Hubert Kario Hubert Kario
            Jan Fiala Jan Fiala
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: