Add config_diagnostics to our configuration files.

The change to a more configuration based approach to enable FIPS mode operation highlights a shortcoming in the default should do something approach we've taken for bad configuration files. Currently, a bad configuration file will be automatically loaded and once the badness is detected, it will silently stop processing the configuration and continue normal operations. This is good for remote servers, allowing changes to be made without bricking things. It's bad when a user thinks they've configured what they want but got something wrong and it still appears to work. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16171)
author: Pauli <pauli@openssl.org> 2021-07-29 09:55:09 +1000
committer: Pauli <pauli@openssl.org> 2021-08-04 08:15:14 +1000
commit: 92c03668c0cd77434006b613e3429888a0a8ecfe (patch)
tree: ef15d575c88ddc3ec5f88c7696849419012fcfe3 /apps/openssl-vms.cnf
parent: 6b38d7dc1bccc708279ca5091ebc28cd4bdf225d (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index f18e63c351..4d96a1f32d 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -16,8 +16,7 @@ HOME			= .
  # Use this in order to automatically load providers.
 openssl_conf = openssl_init
 
-# Comment this out if you deliberately want to ignore
-# configuration errors
+# Comment out the next line to ignore configuration errors
 config_diagnostics = 1
 
 # Extra OBJECT IDENTIFIER info:
author	Pauli <pauli@openssl.org>	2021-07-29 09:55:09 +1000
committer	Pauli <pauli@openssl.org>	2021-08-04 08:15:14 +1000
commit	92c03668c0cd77434006b613e3429888a0a8ecfe (patch)
tree	ef15d575c88ddc3ec5f88c7696849419012fcfe3 /apps/openssl-vms.cnf
parent	6b38d7dc1bccc708279ca5091ebc28cd4bdf225d (diff)