Force the use of engine in config file

Frederick Gotham cauldwell.thomas at
Sat Nov 2 21:28:02 UTC 2019

I have a config file, "/etc/ssl/openssl.cnf". This config file gives the
details of an engine to use for random number generation. I know that this
config file is well-formed because I have confirmed that it uses my engine
when I try to use the "openssl" utility at the command line to generate a
random number.

I have been able to determine though that some other programs which link
with "" are NOT using my engine.

Since I already know that my
config file is well-formed, I can only conclude that these other programs
are initialising the OpenSSL library as follows:


So in order to make sure that every program that links with ""
actually uses my engine, I think I need to go into the OpenSSL source code and
replace the OPENSSL_noconfig function like this:

int OPENSSL_config(void)
    return OPENSSL_config();

Can anyone think of any other ideas to ensure that "" always uses
the engine specified in the config file?

More information about the openssl-users mailing list