Bug 2010291 - Add RN text on Default Providers in OpenSSL
Summary: Add RN text on Default Providers in OpenSSL
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: doc-Release_Notes-9-en-US
Version: 9.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Lenka Špačková
QA Contact: Hubert Kario
Jan Fiala
Depends On:
TreeView+ depends on / blocked
Reported: 2021-10-04 12:04 UTC by Jan Fiala
Modified: 2022-05-17 13:55 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
.OpenSSL now includes providers The OpenSSL toolkit in version 3.0.1, which is included in RHEL 9, added the concept of providers. Providers are collections of algorithms, and you can choose different providers for different applications. OpenSSL currently includes the following providers: `base`, `default`, `fips`, `legacy`, and `null`. By default, OpenSSL loads and activates the `default` provider, which includes commonly used algorithms such as RSA, DSA, DH, CAMELLIA, SHA-1, and SHA-2. When the FIPS flag is set in the kernel, OpenSSL automatically loads the FIPS provider and uses only FIPS-approved algorithms. As a result, you do not have to manually switch OpenSSL to FIPS mode. To change to a different provider on the system level, edit the `openssl.cnf` configuration file. For example, if your scenario requires using the `legacy` provider, uncomment the corresponding section. WARNING: Explicitly activating a provider overrides the implicit activation of the default provider and may make the system remotely inaccessible, for example by the OpenSSH suite. For information on the algorithms included in each provider, see the relevant man pages. For example, the `OSSL_PROVIDER-legacy(7)` man page for the `legacy` provider.
Clone Of:
Last Closed: 2021-11-11 06:29:17 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-98759 0 None None None 2021-10-04 12:06:56 UTC

Note You need to log in before you can comment on or make changes to this bug.