diff options
author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2019-11-13 16:02:09 +0100 |
---|---|---|
committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2019-11-24 08:35:14 +0100 |
commit | 23f3993127c0a05651e28701d91edb478ebe6efa (patch) | |
tree | 6ee21d66ade039064e05a0078ca8c526b650d3af /test/CAtsa.cnf | |
parent | 0c080f73e8fc3cf7e73a42b15011d8a0a0c8aab7 (diff) |
Remove RANDFILE settings from configuration files
OpenSSL 1.1.1 introduced a new CSPRNG with an improved seeding
mechanism, which makes it dispensable to define a RANDFILE for
saving and restoring randomness. This commit removes the RANDFILE
declarations from our own configuration files and adds documentation
that this option is not needed anymore and retained mainly for
compatibility reasons.
Fixes #10433
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10436)
Diffstat (limited to 'test/CAtsa.cnf')
-rw-r--r-- | test/CAtsa.cnf | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/test/CAtsa.cnf b/test/CAtsa.cnf index d1642879be..e7ca8c5a1e 100644 --- a/test/CAtsa.cnf +++ b/test/CAtsa.cnf @@ -3,8 +3,6 @@ # This config is used by the Time Stamp Authority tests. # -RANDFILE = ./.rnd - # Extra OBJECT IDENTIFIER info: oid_section = new_oids @@ -32,7 +30,6 @@ new_certs_dir = $dir/newcerts # default place for new certs. certificate = $dir/cacert.pem # The CA certificate serial = $dir/serial # The current serial number private_key = $dir/private/cakey.pem# The private key -RANDFILE = $dir/private/.rand # private random number file default_days = 365 # how long to certify for default_md = sha256 # which md to use. |