summaryrefslogtreecommitdiff
path: root/apps/openssl-vms.cnf
Commit message (Collapse)AuthorAgeFilesLines
* Allow PKCS12 export to set arbitrary bag attributesGraham Woodward2022-09-231-0/+7
| | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19025)
* apps/openssl-vms.cnf: reflect latest changes by 'make update'Dr. David von Oheimb2022-09-131-2/+2
| | | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19179)
* Disclaimer about the default provider activation added to configDmitry Belyavskiy2021-08-121-0/+8
| | | | | | | | Fixes #16249 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16280)
* Add config_diagnostics to our configuration files.Pauli2021-08-041-2/+1
| | | | | | | | | | | | | | | | The change to a more configuration based approach to enable FIPS mode operation highlights a shortcoming in the default should do something approach we've taken for bad configuration files. Currently, a bad configuration file will be automatically loaded and once the badness is detected, it will silently stop processing the configuration and continue normal operations. This is good for remote servers, allowing changes to be made without bricking things. It's bad when a user thinks they've configured what they want but got something wrong and it still appears to work. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16171)
* Check the configuration file by defaultDmitry Belyavskiy2020-11-051-0/+4
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13310)
* Add FIPS related configuration data to the default openssl application ↵Shane Lontis2020-07-151-4/+30
| | | | | | | configuration file Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12333)
* Cleanup cert config files for testsRich Salz2020-06-031-53/+0
| | | | | | | | | | Merge test/P[12]ss.cnf into one config file Merge CAss.cnf and Uss.cnf into ca-and-certs.cnf Remove Netscape cert extensions, add keyUsage comment from some cnf files Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11347)
* Chunk 11 of CMP contribution to OpenSSL: CMP command-line interfaceDr. David von Oheimb2020-05-131-0/+56
| | | | | | | | | | | Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11470)
* Remove unnecessary trailing whitespaceSam Roberts2019-02-051-2/+2
| | | | | | | | | | | | Trim trailing whitespace. It doesn't match OpenSSL coding standards, AFAICT, and it can cause problems with git tooling. Trailing whitespace remains in test data and external source. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8092)
* Create the .rnd file it it does not existBernd Edlinger2018-09-231-2/+0
| | | | | | | | | | | | | | | | | | | It's a bit annoying, since some commands try to read a .rnd file, and print an error message if the file does not exist. But previously a .rnd file was created on exit, and that does no longer happen. Fixed by continuing in app_RAND_load_conf regardless of the error in RAND_load_file. If the random number generator is still not initalized on exit, the function RAND_write_file will fail and no .rnd file would be created. Remove RANDFILE from openssl.cnf Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7217)
* Add support for .include directive in config filesTomas Mraz2018-03-051-0/+4
| | | | | | | | | | Either files or directories of *.cnf or *.conf files can be included. Recursive inclusion of directories is not supported. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5351)
* Added support for ESSCertIDv2Marek Klein2017-05-031-0/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/771)
* RT3809: basicConstraints is criticalRich Salz2016-06-131-5/+1
| | | | | | | This is really a security bugfix, not enhancement any more. Everyone knows critical extensions. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* Remove outdated legacy crypto optionsRich Salz2016-01-271-1/+0
| | | | | | | | | | | | | | | | | | | | | | Many options for supporting optimizations for legacy crypto on legacy platforms have been removed. This simplifies the source code and does not really penalize anyone. DES_PTR (always on) DES_RISC1, DES_RISC2 (always off) DES_INT (always 'unsigned int') DES_UNROLL (always on) BF_PTR (always on) BF_PTR2 (removed) MD2_CHAR, MD2_LONG (always 'unsigned char') IDEA_SHORT, IDEA_LONG (always 'unsigned int') RC2_SHORT, RC2_LONG (always 'unsigned int') RC4_LONG (only int and char (for assembler) are supported) RC4_CHUNK (always long), RC_CHUNK_LL (removed) RC4_INDEX (always on) And also make D_ENCRYPT macro more clear (@appro) This is done in consultation with Andy. Reviewed-by: Andy Polyakov <appro@openssl.org>
* Update to SHA256 for TSA signing digest.Rich Salz2015-12-301-1/+1
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Use better defaults for TSA.Dr. Stephen Henson2015-11-201-1/+1
| | | | | | | | Use SHA256 for TSA and setted permitted digests to a sensible value. Based on PR#4141 Reviewed-by: Matt Caswell <matt@openssl.org>
* Add support for signer_digest option in TS.Dr. Stephen Henson2015-11-201-0/+1
| | | | | | Based on PR#2145 Reviewed-by: Matt Caswell <matt@openssl.org>
* RT3067: simplify patchEmilia Kasper2014-09-241-2/+2
| | | | | | | | (Original commit adb46dbc6dd7347750df2468c93e8c34bcb93a4b) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* misspellings fixes by https://github.com/vlajos/misspell_fixerVeres Lajos2013-09-051-2/+2
|
* make updateDr. Stephen Henson2011-12-271-1/+1
|
* Merge from 1.0.0-stable branch.Dr. Stephen Henson2009-04-231-3/+3
|
* Add SEED encryption algorithm.Bodo Möller2007-04-231-1/+1
| | | | | | PR: 1503 Submitted by: KISA Reviewed by: Bodo Moeller
* make updateRichard Levitte2006-05-121-1/+1
|
* Synchronise with openss.cnfRichard Levitte2006-02-261-5/+4
|
* RFC 3161 compliant time stamp request creation, response generationUlf Möller2006-02-121-2/+40
| | | | | | | and response verification. Submitted by: Zoltan Glozik <zglozik@opentsa.org> Reviewed by: Ulf Moeller
* make updateNils Larsch2005-04-221-1/+1
|
* Add functionality needed to process proxy certificates.Richard Levitte2004-12-281-0/+53
|
* make updateRichard Levitte2004-05-131-9/+33
|
* Adjust to changes in apps/openssl.cnfRichard Levitte1999-11-121-4/+26
|
* Bring VMS in sync with the recent changes.Ulf Möller1999-05-201-19/+43
| | | | Submitted by: Richard Levitte <levitte@stacken.kth.se>
* VMS support.Ulf Möller1999-05-131-0/+190
Submitted by: Richard Levitte <richard@levitte.org>
View Lorry Controller Status