config.5 - OpenGrok cross reference for /freebsd/secure/lib/libcrypto/man/man5/config.5

Lines Matching +full:sub +full:- +full:engines
18 .\" Set up some character translations and predefined strings.  \*(-- will
24 .tr \(*W-
27 .    ds -- \(*W-
29 .    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 .    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
37 .    ds -- \|\(em\|
71 .\" Fear.  Run.  Save yourself.  No user-serviceable parts.
81 .    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 .    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 .    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
99 .    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
100 .    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
101 .    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
102 .    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
104 .    \" troff and (daisy-wheel) nroff accents
123 .    ds d- d\h'-1'\(ga
124 .    ds D- D\h'-1'\(hy
134 .TH CONFIG 5ossl "2023-09-19" "3.0.11" "OpenSSL"
140 config \- OpenSSL CONF library configuration files
152 The syntax for defining \s-1ASN.1\s0 values is described in
159 is the first non-space character in a line, the entire line is ignored.
179 available on systems with \s-1POSIX IO\s0 support.)  Any sub-directories found
186 The environment variable \fB\s-1OPENSSL_CONF_INCLUDE\s0\fR, if it exists,
214 \&\fBtrue\fR or \fBon\fR, then \f(CW\*(C`foo$bar\*(C'\fR is a single seven-character name and
222 the \fB\s-1OPENSSL_CONF_INCLUDE\s0\fR environment variable doesn't exist, then
239 The environment is mapped onto a section called \fB\s-1ENV\s0\fR.
262 In order to support this, commands like \fBopenssl\-req\fR\|(1) ignore any
285 Any name/value settings in an \fB\s-1ENV\s0\fR section are available
303 \&\fI\s-1FIPS\s0 module\fR, for example.
330 \& engines = engines
345 \& [engines]
357 .SS "\s-1ASN.1\s0 Object Identifier Configuration"
360 containing name/value pairs of \s-1OID\s0's.
363 While some OpenSSL commands have their own section for specifying \s-1OID\s0's,
377 \& OPENSSL_CONF=example.cnf openssl asn1parse \-genstr OID:1.2.3.4.1
386 showing that the \s-1OID\s0 \*(L"newoid1\*(R" has been added as \*(L"1.2.3.4.1\*(R".
392 for that provider. The provider-specific section is used to specify how
416 All parameters in the section as well as sub-sections are made
423 See \fBOSSL_PROVIDER\-default\fR\|(7) for more details.
428 .SS "\s-1EVP\s0 Configuration"
431 containing algorithmic properties when using the \fB\s-1EVP\s0\fR \s-1API.\s0
449 .SS "\s-1SSL\s0 Configuration"
452 containing the list of \s-1SSL/TLS\s0 configurations.
470 exists, it is applied whenever an \fB\s-1SSL_CTX\s0\fR object is created.  For example,
471 to impose system-wide minimum \s-1TLS\s0 and \s-1DTLS\s0 protocol versions:
479 The minimum \s-1TLS\s0 protocol is applied to \fB\s-1SSL_CTX\s0\fR objects that are TLS-based,
480 and the minimum \s-1DTLS\s0 protocol to those are DTLS-based.
492 \& RSA.Certificate = server\-rsa.pem
493 \& ECDSA.Certificate = server\-ecdsa.pem
497 The name \fBengines\fR in the initialization section names the section
498 containing the list of \s-1ENGINE\s0 configurations.
501 The engine-specific section is used to specify how to load the engine,
508 specified in the list of engines. If present, it must be first.
512 \& [engines]
520 This loads and adds an \s-1ENGINE\s0 from the given path. It is equivalent to
521 sending the ctrls \fB\s-1SO_PATH\s0\fR with the path argument followed by \fB\s-1LIST_ADD\s0\fR
522 with value \fB2\fR and \fB\s-1LOAD\s0\fR to the dynamic \s-1ENGINE.\s0  If this is not the
524 dynamic \s-1ENGINE\s0 using ctrl commands.
527 This specifies whether to initialize the \s-1ENGINE.\s0 If the value is \fB0\fR the
528 \&\s-1ENGINE\s0 will not be initialized, if the value is \fB1\fR an attempt is made
530 the \s-1ENGINE\s0 immediately. If the \fBinit\fR command is not present then an
531 attempt will be made to initialize the \s-1ENGINE\s0 after all commands in its
535 This sets the default algorithms an \s-1ENGINE\s0 will supply using the function
539 sent to the \s-1ENGINE,\s0 and the value is the argument passed with the command.
540 The special value \fB\s-1EMPTY\s0\fR means no value is sent with the command.
544 \& [engines]
566 \& random = CTR\-DRBG
571 .IP "\fBCTR-DRBG\fR" 4
572 .IX Item "CTR-DRBG"
574 .IP "\fBHASH-DRBG\fR" 4
575 .IX Item "HASH-DRBG"
576 .IP "\fBHMAC-DRBG\fR" 4
577 .IX Item "HMAC-DRBG"
584 This specifies what cipher a \fBCTR-DRBG\fR random bit generator will use.
586 The default value is \fB\s-1AES\-256\-CTR\s0\fR.
589 This specifies what digest the \fBHASH-DRBG\fR or \fBHMAC-DRBG\fR random bit
597 This sets the randomness source that should be used.  By default \fBSEED-SRC\fR
598 will be used outside of the \s-1FIPS\s0 provider.  The \s-1FIPS\s0 provider uses call backs
626 to a temporary file, and the environment variable \fB\s-1TEMP\s0\fR or
627 \&\fB\s-1TMP\s0\fR, if present, specify the directory where the file
630 exist, it is possible to set \fB\s-1TMP\s0\fR to default to \fI/tmp\fR, and
631 \&\fB\s-1TEMP\s0\fR to default to \fB\s-1TMP\s0\fR.
642 This example shows how to enforce \s-1FIPS\s0 mode for the application
656 .IP "\fB\s-1OPENSSL_CONF\s0\fR" 4
659 Ignored in set-user-ID and set-group-ID programs.
660 .IP "\fB\s-1OPENSSL_ENGINES\s0\fR" 4
662 The path to the engines directory.
663 Ignored in set-user-ID and set-group-ID programs.
664 .IP "\fB\s-1OPENSSL_MODULES\s0\fR" 4
667 Ignored in set-user-ID and set-group-ID programs.
668 .IP "\fB\s-1OPENSSL_CONF_INCLUDE\s0\fR" 4
683 An undocumented \s-1API, \fBNCONF_WIN32\s0()\fR, used a slightly different set
687 could be used in pathnames, only the double-quote character was recognized,
688 and comments began with a semi-colon.
693 \&\fBopenssl\-x509\fR\|(1), \fBopenssl\-req\fR\|(1), \fBopenssl\-ca\fR\|(1),
694 \&\fBopenssl\-fipsinstall\fR\|(1),
703 Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
707 in the file \s-1LICENSE\s0 in the source distribution or at