--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
-@@ -30,6 +30,16 @@ oid_section = new_oids
- # (Alternatively, use a configuration file that has only
- # X.509v3 extensions in its main [= default] section.)
+@@ -52,10 +52,13 @@ tsa_policy3 = 1.2.3.4.5.7
-+openssl_conf=openssl_conf
+ [openssl_init]
+ providers = provider_sect
++engines = engines_sect
+
+ # List of providers to load
+ [provider_sect]
+ default = default_sect
++.include /var/etc/ssl/providers.cnf
+
-+[openssl_conf]
-+engines=engines
+ # The fips section name should match the section name inside the
+ # included fipsmodule.cnf.
+ # fips = fips_sect
+@@ -69,7 +72,13 @@ default = default_sect
+ # OpenSSL may not work correctly which could lead to significant system
+ # problems including inability to remotely access the system.
+ [default_sect]
+-# activate = 1
++activate = 1
+
-+[engines]
++[engines_sect]
+.include /var/etc/ssl/engines.cnf
+
-+.include /etc/ssl/engines.cnf.d
++.include /etc/ssl/modules.cnf.d
+
- [ new_oids ]
- # We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
- # Add a simple OID like this:
+
+
+ ####################################################################
projects / openwrt / staging / wigyori.git / blobdiff