How to not use a configured engine?
Michael Wojcik
Michael.Wojcik at microfocus.com
Tue Feb 26 14:00:13 UTC 2019
> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
> Lynch, Andrew
> Sent: Tuesday, February 26, 2019 07:53
>
> Our current workaround is to repoint OPENSSL_CONF to a duplicate of
> the file in which the line "engines = engine_section" has been commented out.
> Then the engine is not referenced at all. As the configuration files contain
> a large number of other settings managing two almost identical copies is not
> desirable.
Is this a case where the .include mechanism or the $ENV::name syntax could resolve the duplicate-configuration issue? That's the approach I've taken with my test CA.
See https://www.openssl.org/docs/man1.1.1/man5/config.html.
Unfortunately I haven't looked at how the engine system may have changed in 1.1.1, so I can't respond to your main question.
--
Michael Wojcik
Distinguished Engineer, Micro Focus
More information about the openssl-users
mailing list