diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2021-08-10 15:04:37 +0200 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2021-08-12 09:59:34 +0200 |
commit | a5f4099d275520caf90a28a88e889cb36683b412 (patch) | |
tree | 68282df8a2210489437df1a046b37e9615d44d2e /apps | |
parent | dbd0244a16ebf577401e92cce374467dbc3226df (diff) |
Disclaimer about the default provider activation added to config
Fixes #16249
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16280)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/openssl-vms.cnf | 8 | ||||
-rw-r--r-- | apps/openssl.cnf | 8 |
2 files changed, 16 insertions, 0 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index 4d96a1f32d..59c6776a1e 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -60,6 +60,14 @@ default = default_sect # included fipsmodule.cnf. # fips = fips_sect +# If no providers are activated explicitly, the default one is activated implicitly. +# See man 7 OSSL_PROVIDER-default for more details. +# +# If you add a section explicitly activating any other provider(s), you most +# probably need to explicitly activate the default provider, otherwise it +# becomes unavailable in openssl. As a consequence applications depending on +# OpenSSL may not work correctly which could lead to significant system +# problems including inability to remotely access the system. [default_sect] # activate = 1 diff --git a/apps/openssl.cnf b/apps/openssl.cnf index ffb424a871..03330e0120 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -60,6 +60,14 @@ default = default_sect # included fipsmodule.cnf. # fips = fips_sect +# If no providers are activated explicitly, the default one is activated implicitly. +# See man 7 OSSL_PROVIDER-default for more details. +# +# If you add a section explicitly activating any other provider(s), you most +# probably need to explicitly activate the default provider, otherwise it +# becomes unavailable in openssl. As a consequence applications depending on +# OpenSSL may not work correctly which could lead to significant system +# problems including inability to remotely access the system. [default_sect] # activate = 1 |