Lines Matching +full:de +full:- +full:activated
18 .\" Set up some character translations and predefined strings. \*(-- will
24 .tr \(*W-
27 . ds -- \(*W-
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
37 . ds -- \|\(em\|
61 . de IX
71 .\" Fear. Run. Save yourself. No user-serviceable parts.
81 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 . \" troff and (daisy-wheel) nroff accents
123 . ds d- d\h'-1'\(ga
124 . ds D- D\h'-1'\(hy
134 .TH CONFIG 5ossl "2023-09-19" "3.0.11" "OpenSSL"
140 config \- OpenSSL CONF library configuration files
152 The syntax for defining \s-1ASN.1\s0 values is described in
159 is the first non-space character in a line, the entire line is ignored.
179 available on systems with \s-1POSIX IO\s0 support.) Any sub-directories found
186 The environment variable \fB\s-1OPENSSL_CONF_INCLUDE\s0\fR, if it exists,
214 \&\fBtrue\fR or \fBon\fR, then \f(CW\*(C`foo$bar\*(C'\fR is a single seven-character name and
222 the \fB\s-1OPENSSL_CONF_INCLUDE\s0\fR environment variable doesn't exist, then
239 The environment is mapped onto a section called \fB\s-1ENV\s0\fR.
262 In order to support this, commands like \fBopenssl\-req\fR\|(1) ignore any
285 Any name/value settings in an \fB\s-1ENV\s0\fR section are available
303 \&\fI\s-1FIPS\s0 module\fR, for example.
357 .SS "\s-1ASN.1\s0 Object Identifier Configuration"
360 containing name/value pairs of \s-1OID\s0's.
363 While some OpenSSL commands have their own section for specifying \s-1OID\s0's,
377 \& OPENSSL_CONF=example.cnf openssl asn1parse \-genstr OID:1.2.3.4.1
386 showing that the \s-1OID\s0 \*(L"newoid1\*(R" has been added as \*(L"1.2.3.4.1\*(R".
392 for that provider. The provider-specific section is used to specify how
413 If present, the module is activated. The value assigned to this name is not
416 All parameters in the section as well as sub-sections are made
422 If no providers are activated explicitly, the default one is activated implicitly.
423 See \fBOSSL_PROVIDER\-default\fR\|(7) for more details.
428 .SS "\s-1EVP\s0 Configuration"
431 containing algorithmic properties when using the \fB\s-1EVP\s0\fR \s-1API.\s0
449 .SS "\s-1SSL\s0 Configuration"
452 containing the list of \s-1SSL/TLS\s0 configurations.
470 exists, it is applied whenever an \fB\s-1SSL_CTX\s0\fR object is created. For example,
471 to impose system-wide minimum \s-1TLS\s0 and \s-1DTLS\s0 protocol versions:
479 The minimum \s-1TLS\s0 protocol is applied to \fB\s-1SSL_CTX\s0\fR objects that are TLS-based,
480 and the minimum \s-1DTLS\s0 protocol to those are DTLS-based.
492 \& RSA.Certificate = server\-rsa.pem
493 \& ECDSA.Certificate = server\-ecdsa.pem
498 containing the list of \s-1ENGINE\s0 configurations.
501 The engine-specific section is used to specify how to load the engine,
520 This loads and adds an \s-1ENGINE\s0 from the given path. It is equivalent to
521 sending the ctrls \fB\s-1SO_PATH\s0\fR with the path argument followed by \fB\s-1LIST_ADD\s0\fR
522 with value \fB2\fR and \fB\s-1LOAD\s0\fR to the dynamic \s-1ENGINE.\s0 If this is not the
524 dynamic \s-1ENGINE\s0 using ctrl commands.
527 This specifies whether to initialize the \s-1ENGINE.\s0 If the value is \fB0\fR the
528 \&\s-1ENGINE\s0 will not be initialized, if the value is \fB1\fR an attempt is made
530 the \s-1ENGINE\s0 immediately. If the \fBinit\fR command is not present then an
531 attempt will be made to initialize the \s-1ENGINE\s0 after all commands in its
535 This sets the default algorithms an \s-1ENGINE\s0 will supply using the function
539 sent to the \s-1ENGINE,\s0 and the value is the argument passed with the command.
540 The special value \fB\s-1EMPTY\s0\fR means no value is sent with the command.
566 \& random = CTR\-DRBG
571 .IP "\fBCTR-DRBG\fR" 4
572 .IX Item "CTR-DRBG"
574 .IP "\fBHASH-DRBG\fR" 4
575 .IX Item "HASH-DRBG"
576 .IP "\fBHMAC-DRBG\fR" 4
577 .IX Item "HMAC-DRBG"
584 This specifies what cipher a \fBCTR-DRBG\fR random bit generator will use.
586 The default value is \fB\s-1AES\-256\-CTR\s0\fR.
589 This specifies what digest the \fBHASH-DRBG\fR or \fBHMAC-DRBG\fR random bit
597 This sets the randomness source that should be used. By default \fBSEED-SRC\fR
598 will be used outside of the \s-1FIPS\s0 provider. The \s-1FIPS\s0 provider uses call backs
626 to a temporary file, and the environment variable \fB\s-1TEMP\s0\fR or
627 \&\fB\s-1TMP\s0\fR, if present, specify the directory where the file
630 exist, it is possible to set \fB\s-1TMP\s0\fR to default to \fI/tmp\fR, and
631 \&\fB\s-1TEMP\s0\fR to default to \fB\s-1TMP\s0\fR.
642 This example shows how to enforce \s-1FIPS\s0 mode for the application
656 .IP "\fB\s-1OPENSSL_CONF\s0\fR" 4
659 Ignored in set-user-ID and set-group-ID programs.
660 .IP "\fB\s-1OPENSSL_ENGINES\s0\fR" 4
663 Ignored in set-user-ID and set-group-ID programs.
664 .IP "\fB\s-1OPENSSL_MODULES\s0\fR" 4
667 Ignored in set-user-ID and set-group-ID programs.
668 .IP "\fB\s-1OPENSSL_CONF_INCLUDE\s0\fR" 4
683 An undocumented \s-1API, \fBNCONF_WIN32\s0()\fR, used a slightly different set
687 could be used in pathnames, only the double-quote character was recognized,
688 and comments began with a semi-colon.
693 \&\fBopenssl\-x509\fR\|(1), \fBopenssl\-req\fR\|(1), \fBopenssl\-ca\fR\|(1),
694 \&\fBopenssl\-fipsinstall\fR\|(1),
703 Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
707 in the file \s-1LICENSE\s0 in the source distribution or at