|Linux & Unix Commands - Search Man Pages
OPENSSL_config(3) OpenSSL OPENSSL_config(3)
OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions
void OPENSSL_config(const char *config_name);
OPENSSL_config() configures OpenSSL using the standard openssl.cnf configuration file name
using config_name. If config_name is NULL then the default name openssl_conf will be used.
Any errors are ignored. Further calls to OPENSSL_config() will have no effect. The config-
uration file format is documented in the conf(5) manual page.
OPENSSL_no_config() disables configuration. If called before OPENSSL_config() no configu-
ration takes place.
It is strongly recommended that all new applications call OPENSSL_config() or the more
sophisticated functions such as CONF_modules_load() during initialization (that is before
starting any threads). By doing this an application does not need to keep track of all
configuration options and some new functionality can be supported automatically.
It is also possible to automatically call OPENSSL_config() when an application calls
OPENSSL_add_all_algorithms() by compiling an application with the preprocessor symbol
OPENSSL_LOAD_CONF #define'd. In this way configuration can be added without source
The environment variable OPENSSL_CONFIG can be set to specify the location of the configu-
Currently ASN1 OBJECTs and ENGINE configuration can be performed future versions of
OpenSSL will add new configuration options.
There are several reasons why calling the OpenSSL configuration routines is advisable. For
example new ENGINE functionality was added to OpenSSL 0.9.7. In OpenSSL 0.9.7 control
functions can be supported by ENGINEs, this can be used (among other things) to load
dynamic ENGINEs from shared libraries (DSOs). However very few applications currently
support the control interface and so very few can load and use dynamic ENGINEs. Equally in
future more sophisticated ENGINEs will require certain control operations to customize
them. If an application calls OPENSSL_config() it doesn't need to know or care about
ENGINE control operations because they can be performed by editing a configuration file.
Applications should free up configuration at application closedown by calling CONF_mod-
The OPENSSL_config() function is designed to be a very simple "call it and forget it"
function. As a result its behaviour is somewhat limited. It ignores all errors silently
and it can only load from the standard configuration file location for example.
It is however much better than nothing. Applications which need finer control over their
configuration functionality should use the configuration functions such as CONF_load_mod-
Neither OPENSSL_config() nor OPENSSL_no_config() return a value.
conf(5), CONF_load_modules_file(3), CONF_modules_free(3),CONF_modules_free(3)
OPENSSL_config() and OPENSSL_no_config() first appeared in OpenSSL 0.9.7
0.9.7d 2004-05-17 OPENSSL_config(3)
All times are GMT -4. The time now is 08:24 AM.