Hello, while following Rich Salz's suggestion to make use of CONF_modules_load_file() i stumbled personally over the restriction that only a global openssl.cnf seems to be supported. There is no support for automatic loading of a $HOME/.openssl.cnf on top of the global version.
And whereas setting of $OPENSSL_CONF could be used and communicated to users to achieve the desire, doing so actually replaces inclusion of the global openssl.cnf, which likely not results in the wanted effect!?! While here, it doesn't seem possible to _forbid_ use of $OPENSSL_CONF (from reading the manual)? If that is true then i would ask for an additional CONF_MFLAGS_NO_OPENSSL_CNF_ENV bit, too. --steffen _______________________________________________ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev