SSL_CTX_config(3) | OpenSSL | SSL_CTX_config(3) |
#include <openssl/ssl.h> int SSL_CTX_config(SSL_CTX *ctx, const char *name); int SSL_config(SSL *s, const char *name);
A configuration file must have been previously loaded, for example using CONF_modules_load_file(). See config(5) for details of the configuration file syntax.
testapp = test_sect [test_sect] # list of configuration modules ssl_conf = ssl_sect [ssl_sect] server = server_section [server_section] RSA.Certificate = server-rsa.pem ECDSA.Certificate = server-ecdsa.pem Ciphers = ALL:!RC4
An application could call:
if (CONF_modules_load_file("config.cnf", "testapp", 0) <= 0) { fprintf(stderr, "Error processing config file\n"); goto err; } ctx = SSL_CTX_new(TLS_server_method()); if (SSL_CTX_config(ctx, "server") == 0) { fprintf(stderr, "Error configuring server.\n"); goto err; }
In this example two certificates and the cipher list are configured without the need for any additional application code.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
2019-03-12 | 1.1.1c |