[openssl-users] missing default /usr/local/ssl/openssl.cnf causes failure on AIX, warning on all others

Michael Wojcik Michael.Wojcik at microfocus.com
Thu Jan 22 20:50:03 UTC 2015

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> Of Salz, Rich
> Sent: Thursday, January 22, 2015 13:22
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] missing default /usr/local/ssl/openssl.cnf causes
> failure on AIX, warning on all others
> > Should this be happening? Is AIX simply less forgiving, and returns  a more
> serious error.   Or is the openssl CLI handling the missing file differently on
> AIX?
> I can well believe that AIX is, exactly that, less forgiving and returns different
> error codes than many other Unices. 

I can't. The behavior of fopen is defined by ISO 9899 and the Single UNIX Specfication, which AIX has adhered to for well over a decade.

Let's see:

(152 mww) aix61v1:/home/devel/mww
- cat testc.c
#include <stdio.h>
#include <errno.h>
int main(void) {fopen("/usr/local/ssl/openssl.cnf", "rb"); perror("fopen"); return 0;}
(153 mww) aix61v1:/home/devel/mww
- make testc
        cc -O  testc.c -o testc
(154 mww) aix61v1:/home/devel/mww
- ./testc
fopen: No such file or directory

fopen (well, open, called by fopen) is setting errno to ENOENT, just as one would expect.

And while I'm at it:

(169 mww) aix61v1:/home/devel/mww/OpenSSL-101g/ssl/Integration/main/openssl/multi/32/openssl/apps
- ./openssl
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
OpenSSL> quit

Not seeing the problem here (and I've never seen it before, and none of our customers have reported it). This appears to be unique to the OP's environment.

Michael Wojcik
Technology Specialist, Micro Focus

This message has been scanned for malware by Websense. www.websense.com

More information about the openssl-users mailing list