> On Mon, 19 Feb 2018 Jayalakshmi Bhat wrote: > > Engine usage is application specific.There are couple of applications > dependent on RSA TPM? engine. And are few applications dependent on > RSA smart card engine.? > > We wanted to know if there are any APIs provided by OpenSSL to make the > engine usage application specific? Is there any way we can make OpenSSL > chose specific engine for > > specific application. > I think but don't quote me that if your applications are using the openssl.cnf file to configure the engine you are going to use, then the OPENSSL_CONF environment variable will allow you to control the configuration file loaded by OpenSSL. This allows you to have application specific configuration files that load the engine you require and make it the default engine. This is dependent on your application having been built with OPENSSL_LOAD_CONF defined. You can also control the config file loaded programmatically via OPENSSL_config. The alternative is loading your engine programmatically such as nginx does: https://github.com/nginx/nginx/blob/master/src/event/ngx_event_openssl.c#L4193-L4237 and use ENGINE_set_default to make the engine you require the default for that application. Of course that is only useful if you are in control of your applications source code. There are more details here: https://wiki.openssl.org/index.php/Library_Initialization https://www.openssl.org/docs/manmaster/man5/config.html Steve Linsell Intel Shannon DCG/CID Software Development Team Stevenx.Linsell@xxxxxxxxx -------------------------------------------------------------- Intel Research and Development Ireland Limited Registered in Ireland Registered Office: Collinstown Industrial Park, Leixlip, County Kildare Registered Number: 308263 This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
