diff options
| author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2019-11-13 16:02:09 +0100 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2019-11-24 08:35:14 +0100 |
| commit | 23f3993127c0a05651e28701d91edb478ebe6efa (patch) | |
| tree | 6ee21d66ade039064e05a0078ca8c526b650d3af /test/test.cnf | |
| parent | Remove deadlock that was caused by calling pthread_rwlock_wrlock() on same th... (diff) | |
| download | openssl-23f3993127c0a05651e28701d91edb478ebe6efa.tar.xz openssl-23f3993127c0a05651e28701d91edb478ebe6efa.zip | |
Remove RANDFILE settings from configuration files
OpenSSL 1.1.1 introduced a new CSPRNG with an improved seeding
mechanism, which makes it dispensable to define a RANDFILE for
saving and restoring randomness. This commit removes the RANDFILE
declarations from our own configuration files and adds documentation
that this option is not needed anymore and retained mainly for
compatibility reasons.
Fixes #10433
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10436)
Diffstat (limited to 'test/test.cnf')
| -rw-r--r-- | test/test.cnf | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/test/test.cnf b/test/test.cnf index 718b0bf1f2..1e2fa31cce 100644 --- a/test/test.cnf +++ b/test/test.cnf @@ -3,8 +3,6 @@ # This is mostly being used for generation of certificate requests. # -RANDFILE = ./.rnd - #################################################################### [ ca ] default_ca = CA_default # The default ca section @@ -22,7 +20,6 @@ certificate = $dir/CAcert.pem # The CA certificate serial = $dir/serial # The current serial number crl = $dir/crl.pem # The current CRL private_key = $dir/private/CAkey.pem# The private key -RANDFILE = $dir/private/.rand # private random number file default_days = 365 # how long to certify for default_crl_days= 30 # how long before next CRL |