From 50997010d1032f408f7922f597386fb72025377c Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Wed, 31 Jan 2024 16:39:33 +0100 Subject: [PATCH] Add a directory for OpenSSL providers configuration Related: RHEL-17193 --- 0024-load-legacy-prov.patch | 2 +- openssl.spec | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/0024-load-legacy-prov.patch b/0024-load-legacy-prov.patch index edbe50b..52ac5d5 100644 --- a/0024-load-legacy-prov.patch +++ b/0024-load-legacy-prov.patch @@ -56,7 +56,7 @@ diff -up openssl-3.0.0/apps/openssl.cnf.legacy-prov openssl-3.0.0/apps/openssl.c +##activate = 1 + +#Place the third party provider configuration files into this folder -+.include /etc/pki/tls/include ++.include /etc/pki/tls/openssl.d [ ssl_module ] diff --git a/openssl.spec b/openssl.spec index 1dfd443..fbf2b6b 100644 --- a/openssl.spec +++ b/openssl.spec @@ -425,7 +425,7 @@ done # Install a makefile for generating keys and self-signed certs, and a script # for generating them on the fly. mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/certs -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/include +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.d install -m644 %{SOURCE2} $RPM_BUILD_ROOT%{_pkgdocdir}/Makefile.certificate install -m755 %{SOURCE6} $RPM_BUILD_ROOT%{_bindir}/make-dummy-cert install -m755 %{SOURCE7} $RPM_BUILD_ROOT%{_bindir}/renew-dummy-cert @@ -508,7 +508,7 @@ ln -s /etc/crypto-policies/back-ends/openssl_fips.config $RPM_BUILD_ROOT%{_sysco %dir %{_sysconfdir}/pki/tls/certs %dir %{_sysconfdir}/pki/tls/misc %dir %{_sysconfdir}/pki/tls/private -%dir %{_sysconfdir}/pki/tls/include +%dir %{_sysconfdir}/pki/tls/openssl.d %config(noreplace) %{_sysconfdir}/pki/tls/openssl.cnf %config(noreplace) %{_sysconfdir}/pki/tls/ct_log_list.cnf %config %{_sysconfdir}/pki/tls/fips_local.cnf