Is there a simple way of changing the openssl config file and confirming with openssl command line parameters to confirm that it is reading the configuration file? (I'm trying to confirm that the openssl command is reading the file from the specified location and also programmatic access to openssl is also reading the config file.) For example can I change a setting in the config file and view it through "openssl version -a" or "openssl ciphers -v"?
Asked
Active
Viewed 384 times
0
-
Put a smelling pistake in it - it'll soon let you know. – garethTheRed Feb 09 '23 at 11:24
-
Thanks Gareth. Tried spelling mistake, deleting the file, etc but "openssl version -a" doesn't complain at all. File is located via set command: OPENSSL_CONF=C:\OpenSSL\SSL\openssl.cnf. Very confusing... – Brian Feb 10 '23 at 05:34
1 Answers
1
I tried adding a syntax error to the configuration file and still saw no errors when running openssl version -a. However, when attempting to load an engine, I finally saw the configuration file processing errors. Example:
openssl engine -c myengine
1995448336:error:0E079065:configuration file routines:def_load_bio:missing equal sign:../openssl-1.1.1t/crypto/conf/conf_def.c:407:line 15
This confirmed for me that the config file was being loaded.
NickS
- 11
- 1