diff options
author | Tomas Mraz <tmraz@fedoraproject.org> | 2018-03-19 10:01:39 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2018-03-19 10:22:49 -0400 |
commit | 8a5ed9dce8ee36b4bb05cb928fa7a01aba6d8e41 (patch) | |
tree | 3b942fbfeb7c69a11ed45db6993cd39455ea7e0a /doc/man5 | |
parent | 440bce8f813fa661437ce52378c3df38e2fd073b (diff) | |
download | openssl-new-8a5ed9dce8ee36b4bb05cb928fa7a01aba6d8e41.tar.gz |
Apply system_default configuration on SSL_CTX_new().
When SSL_CTX is created preinitialize it with system default
configuration from system_default section.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4848)
Diffstat (limited to 'doc/man5')
-rw-r--r-- | doc/man5/config.pod | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/man5/config.pod b/doc/man5/config.pod index 485ec0870b..7885d6a4b6 100644 --- a/doc/man5/config.pod +++ b/doc/man5/config.pod @@ -247,6 +247,22 @@ For example: ECDSA.Certificate = server-ecdsa.pem Ciphers = ALL:!RC4 +The system default configuration with name B<system_default> if present will +be applied during any creation of the B<SSL_CTX> structure. + +Example of a configuration with the system default: + + ssl_conf = ssl_sect + + [ssl_sect] + + system_default = system_default_sect + + [system_default_sect] + + MinProtocol = TLSv1.2 + + =head1 NOTES If a configuration file attempts to expand a variable that doesn't exist |