From 23f3993127c0a05651e28701d91edb478ebe6efa Mon Sep 17 00:00:00 2001
From: "Dr. Matthias St. Pierre" <Matthias.St.Pierre@ncp-e.com>
Date: Wed, 13 Nov 2019 16:02:09 +0100
Subject: Remove RANDFILE settings from configuration files

OpenSSL 1.1.1 introduced a new CSPRNG with an improved seeding
mechanism, which makes it dispensable to define a RANDFILE for
saving and restoring randomness. This commit removes the RANDFILE
declarations from our own configuration files and adds documentation
that this option is not needed anymore and retained mainly for
compatibility reasons.

Fixes #10433

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10436)
---
 test/CAtsa.cnf | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'test/CAtsa.cnf')

diff --git a/test/CAtsa.cnf b/test/CAtsa.cnf
index d1642879be..e7ca8c5a1e 100644
--- a/test/CAtsa.cnf
+++ b/test/CAtsa.cnf
@@ -3,8 +3,6 @@
 # This config is used by the Time Stamp Authority tests.
 #
 
-RANDFILE		= ./.rnd
-
 # Extra OBJECT IDENTIFIER info:
 oid_section		= new_oids
 
@@ -32,7 +30,6 @@ new_certs_dir	= $dir/newcerts		# default place for new certs.
 certificate	= $dir/cacert.pem 	# The CA certificate
 serial		= $dir/serial 		# The current serial number
 private_key	= $dir/private/cakey.pem# The private key
-RANDFILE	= $dir/private/.rand	# private random number file
 
 default_days	= 365			# how long to certify for
 default_md	= sha256			# which md to use.
-- 
cgit v1.2.3