1e1051a39Sopenharmony_ciopenssl_conf = openssl_init 2e1051a39Sopenharmony_ci 3e1051a39Sopenharmony_ci# Comment out the next line to ignore configuration errors 4e1051a39Sopenharmony_ciconfig_diagnostics = 1 5e1051a39Sopenharmony_ci 6e1051a39Sopenharmony_ci.include fipsmodule.cnf 7e1051a39Sopenharmony_ci 8e1051a39Sopenharmony_ci[openssl_init] 9e1051a39Sopenharmony_ciproviders = provider_sect 10e1051a39Sopenharmony_cialg_section = evp_properties 11e1051a39Sopenharmony_ci 12e1051a39Sopenharmony_ci[evp_properties] 13e1051a39Sopenharmony_ci# Ensure FIPS non-approved algorithms in the FIPS module are suppressed (e.g. 14e1051a39Sopenharmony_ci# TEST-RAND). This also means that EVP_default_properties_is_fips_enabled() 15e1051a39Sopenharmony_ci# returns the expected value 16e1051a39Sopenharmony_cidefault_properties = "fips=yes" 17e1051a39Sopenharmony_ci 18e1051a39Sopenharmony_ci[provider_sect] 19e1051a39Sopenharmony_cifips = fips_sect 20