diff options
author | Daniel Bevenius <daniel.bevenius@gmail.com> | 2022-05-18 11:36:18 +0300 |
---|---|---|
committer | Daniel Bevenius <daniel.bevenius@gmail.com> | 2022-05-31 14:42:13 +0300 |
commit | 122c377eb999a73fd724568c7a3704c13d4c1cfd (patch) | |
tree | 08aa016d1866860d5151b7a20d2239664ebe2f13 /doc/api/cli.md | |
parent | f5a5df4802410e2f30a2ef1a0c324a090dbda361 (diff) |
src,doc,test: add --openssl-shared-config option
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..
PR-URL: https://github.com/nodejs/node/pull/43124
Refs: https://github.com/nodejs/node/issues/40366
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
Diffstat (limited to 'doc/api/cli.md')
-rw-r--r-- | doc/api/cli.md | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/doc/api/cli.md b/doc/api/cli.md index b29072164f9..6161cc552d5 100644 --- a/doc/api/cli.md +++ b/doc/api/cli.md @@ -783,6 +783,21 @@ Load an OpenSSL configuration file on startup. Among other uses, this can be used to enable FIPS-compliant crypto if Node.js is built against FIPS-enabled OpenSSL. +### `--openssl-shared-config` + +<!-- YAML +added: REPLACEME +--> + +Enable OpenSSL default configuration section, `openssl_conf` to be read from +the OpenSSL configuration file. The default configuration file is named +`openssl.cnf` but this can be changed using the environment variable +`OPENSSL_CONF`, or by using the command line option `--openssl-config`. +The location of the default OpenSSL configuration file depends on how OpenSSL +is being linked to Node.js. Sharing the OpenSSL configuration may have unwanted +implications and it is recommended to use a configuration section specific to +Node.js which is `nodejs_conf` and is default when this option is not used. + ### `--openssl-legacy-provider` <!-- YAML @@ -1675,6 +1690,7 @@ Node.js options that are allowed are: * `--node-memory-debug` * `--openssl-config` * `--openssl-legacy-provider` +* `--openssl-shared-config` * `--pending-deprecation` * `--policy-integrity` * `--preserve-symlinks-main` |