> On Sep 24, 2016, at 7:16 PM, Salz, Rich <rs...@akamai.com> wrote: > >> >> Mr. Neugroschl's quest for a simple solution does bring up -- in my >> user-oriented opinion -- a very good follow-on question: "Why cannot a >> config file be utilized by openssl to simply give access based on an >> allow/deny mechanism that would give users system-wide control in a single >> place?". > > We just haven't gotten around to it yet.
The SSL_CONF API (IIRC also in 1.0.2, definitely in 1.1.0) allows for shared settings in applications that use that API to set the defaults. Most applications are not using this yet... -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users