logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Other Software View previous topic :: View next topic
Reply to topic   Topic: How to avoid referring the default OpenSSL conf location
Author
MDsKumaran



Joined: 25 Sep 2020
Posts: 2
Location: India

PostPosted: Mon 22 Mar '21 18:45    Post subject: How to avoid referring the default OpenSSL conf location Reply with quote

While the startup Apache refer the default OpenSSL Conf location - "c:\Apache24\conf\openssl.cnf".

If I set OPENSSL_CONF in the system environment path means.

How to avoid referring to the same OpenSSL conf path, If I have more than an apache server or OpenSSL application in the same machine. Embarassed

Is there any possible way to handle it in apache?

I have tried to set the below properties in apache httpd.conf but it doesn't help. It still referring the default location, We have monitor through the ProcessMonitor tool.

SetEnv OPENSSL_CONF "D:\Apache\conf\openssl.cnf"
Back to top
tangent
Moderator


Joined: 16 Aug 2020
Posts: 346
Location: UK

PostPosted: Wed 24 Mar '21 17:33    Post subject: Reply with quote

Presume you're looking to have different OpenSSL configuration files available to the OpenSSL libraries when they initialise within your various Apache instances, passing its location via the OPENSSL_CONF environment variable (though see question below)?

In which case, using the Apache SetEnv directive may be too late. See https://httpd.apache.org/docs/2.4/mod/mod_env.html which says:
    The internal environment variables set by this directive are set after most early request processing directives are run, such as access control and URI-to-filename mapping. If the environment variable you're setting is meant as input into this early phase of processing such as the RewriteRule directive, you should instead set the environment variable with SetEnvIf.
Try the PassEnv directive instead, which says:
    Specifies one or more native system environment variables to make available as internal environment variables, which are available to Apache HTTP Server modules as well as propagated to CGI scripts and SSI pages. Values come from the native OS environment of the shell which invoked the httpd process.
This may still be too late for some SSL handling though, and am intrigued what element of the OpenSSL configuration file you're picking up with each Apache instance, which isn't uniquely definable in the Apache configuration through the various Apache SSL directives https://httpd.apache.org/docs/current/mod/mod_ssl.html

I've only needed OpenSSL configuration files when working with the openssl command, for managing certificates.
Back to top


Reply to topic   Topic: How to avoid referring the default OpenSSL conf location View previous topic :: View next topic
Post new topic   Forum Index -> Other Software