How to confirm openssl is reading its config file

cg flag

Is there a simple way of changing the openssl config file and confirming with openssl command line parameters to confirm that it is reading the configuration file? (I'm trying to confirm that the openssl command is reading the file from the specified location and also programmatic access to openssl is also reading the config file.) For example can I change a setting in the config file and view it through "openssl version -a" or "openssl ciphers -v"?

br flag
Put a smelling pistake in it - it'll soon let you know.
Brian avatar
cg flag
Thanks Gareth. Tried spelling mistake, deleting the file, etc but "openssl version -a" doesn't complain at all. File is located via set command: OPENSSL_CONF=C:\OpenSSL\SSL\openssl.cnf. Very confusing...
mt flag

I tried adding a syntax error to the configuration file and still saw no errors when running openssl version -a. However, when attempting to load an engine, I finally saw the configuration file processing errors. Example:

openssl engine -c myengine
1995448336:error:0E079065:configuration file routines:def_load_bio:missing equal sign:../openssl-1.1.1t/crypto/conf/conf_def.c:407:line 15

This confirmed for me that the config file was being loaded.

I sit in a Tesla and translated this thread with Ai:


Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.