Jeffrey Altman wrote:
> 
> > > Where is the openssl.cnf file expected to be found on Windows?
> > >
> >
> > The actual location is now determined by the function
> > CONF_get1_default_config_file() and the openssl utility will be modified
> > so everything goes through it.
> >
> > Currently this follows the same logic for finding openssl.cnf as the
> > utilities. This results in the rather silly default of
> > /usr/local/ssl/openssl.cnf but it can be overridden with the
> > OPENSSL_CONF environment variable.
> >
> > CONF_get1_default_config_file() could be modified to do something more
> > sensible under Windows: querying the registry perhaps?
> 
> There should certainly be a
> 
>   CONF_set_default_config_file(..)
> 
> function to allow applications to set this value.  Unlike on Unix, I
> expect that most Windows applications provide their own copy of
> OpenSSL and do not share a single copy.  So having a specific location
> would be inappropriate.
> 

But most applications will share the same config file settings, at least
as far as ENGINEs are concerned. 

It isn't really appropriate to provide a function to set the config file
location. OPENSSL_config() is meant as a simple solution for existing
applications and it does rather horrible things (like writing error
messages to standard output and calling exit(1) for fatal errors). An 
application could provide more appropriate behaviour using
CONF_modules_load_file() (which OPENSSL_config() calls).

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Gemplus: http://www.gemplus.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
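
The approach from the last paragraph of the message, as an added example (not code from the post or from OpenSSL): the application picks its own config file and decides what a load failure means, instead of getting the exit(1) behaviour of OPENSSL_config(). The names app_config_path, app_load_config and demo_loader and the lookup order are assumptions; a real program passes CONF_modules_load_file as the loader.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same signature as OpenSSL's CONF_modules_load_file(); a real program
 * passes that function (declared in <openssl/conf.h>) as the loader. */
typedef int (*conf_loader_fn)(const char *, const char *, unsigned long);
enum cfg_status { CFG_OK = 0, CFG_NO_PATH = -1, CFG_LOAD_FAILED = -2 };

/* Hypothetical policy: the application's own directory wins, then
 * OPENSSL_CONF; no compiled-in default. Caller frees the result. */
char *app_config_path(const char *app_dir)
{
    const char *env = getenv("OPENSSL_CONF");
    int own = (app_dir != NULL && *app_dir != '\0');
    const char *src = own ? app_dir : env;
    size_t n;
    char *out;
    if (src == NULL || *src == '\0')
        return NULL;
    n = strlen(src) + sizeof("/openssl.cnf");
    if ((out = malloc(n)) != NULL)
        snprintf(out, n, "%s%s", src, own ? "/openssl.cnf" : "");
    return out;
}

/* Load the config and hand the outcome back to the caller, rather than
 * writing to standard output and calling exit(1). */
enum cfg_status app_load_config(conf_loader_fn load, const char *app_dir,
                                const char *appname, FILE *log)
{
    char *path = app_config_path(app_dir);
    int rc;
    if (path == NULL)
        return CFG_NO_PATH;
    rc = load(path, appname, 0UL);
    if (rc <= 0 && log != NULL)
        fprintf(log, "%s: cannot load %s (rc=%d)\n", appname, path, rc);
    free(path);
    return rc > 0 ? CFG_OK : CFG_LOAD_FAILED;
}

/* Constructed stand-in loader (no libcrypto): succeeds if the file opens. */
int demo_loader(const char *file, const char *appname, unsigned long flags)
{
    FILE *f = fopen(file, "r");
    (void)appname; (void)flags;
    return f != NULL ? (fclose(f), 1) : 0;
}
```

With libcrypto linked, the call becomes app_load_config(CONF_modules_load_file, dir, "myapp", stderr), and the caller chooses whether CFG_LOAD_FAILED is fatal.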
