From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz Date: Sat, 27 Mar 2021 17:43:25 -0300 Subject: openssl.cnf: add engine configuration This adds configuration options for engines, loading all cnf files under /etc/ssl/engines.cnf.d/. Signed-off-by: Eneas U de Queiroz --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -52,10 +52,13 @@ tsa_policy3 = 1.2.3.4.5.7 [openssl_init] providers = provider_sect +engines = engines_sect # List of providers to load [provider_sect] default = default_sect +.include /var/etc/ssl/providers.cnf + # The fips section name should match the section name inside the # included fipsmodule.cnf. # fips = fips_sect @@ -69,7 +72,13 @@ default = default_sect # OpenSSL may not work correctly which could lead to significant system # problems including inability to remotely access the system. [default_sect] -# activate = 1 +activate = 1 + +[engines_sect] +.include /var/etc/ssl/engines.cnf + +.include /etc/ssl/modules.cnf.d + ####################################################################