Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: How to avoid referring the default OpenSSL conf location |
|
| Author |
|
MDsKumaran
Joined: 25 Sep 2020
Posts: 2
Location: India
|
 Posted: Mon 22 Mar '21 18:45 Post subject: How to avoid referring the default OpenSSL conf location |
 |
|
While the startup Apache refer the default OpenSSL Conf location - "c:\Apache24\conf\openssl.cnf".
If I set OPENSSL_CONF in the system environment path means.
How to avoid referring to the same OpenSSL conf path, If I have more than an apache server or OpenSSL application in the same machine. 
Is there any possible way to handle it in apache?
I have tried to set the below properties in apache httpd.conf but it doesn't help. It still referring the default location, We have monitor through the ProcessMonitor tool.
SetEnv OPENSSL_CONF "D:\Apache\conf\openssl.cnf" |
|
| Back to top |
|
tangent
Moderator
Joined: 16 Aug 2020
Posts: 348
Location: UK
|
| Posted: Wed 24 Mar '21 17:33 Post subject: |
|
|
Presume you're looking to have different OpenSSL configuration files available to the OpenSSL libraries when they initialise within your various Apache instances, passing its location via the OPENSSL_CONF environment variable (though see question below)?
In which case, using the Apache SetEnv directive may be too late. See https://httpd.apache.org/docs/2.4/mod/mod_env.html which says:
The internal environment variables set by this directive are set after most early request processing directives are run, such as access control and URI-to-filename mapping. If the environment variable you're setting is meant as input into this early phase of processing such as the RewriteRule directive, you should instead set the environment variable with SetEnvIf. Try the PassEnv directive instead, which says:Specifies one or more native system environment variables to make available as internal environment variables, which are available to Apache HTTP Server modules as well as propagated to CGI scripts and SSI pages. Values come from the native OS environment of the shell which invoked the httpd process. This may still be too late for some SSL handling though, and am intrigued what element of the OpenSSL configuration file you're picking up with each Apache instance, which isn't uniquely definable in the Apache configuration through the various Apache SSL directives https://httpd.apache.org/docs/current/mod/mod_ssl.html
I've only needed OpenSSL configuration files when working with the openssl command, for managing certificates. |
|
| Back to top |
|
|
|
|
|
|
