[thirdparty/openssl.git] / doc / man7 / openssl-env.pod

=pod

=head1 NAME

openssl-env - OpenSSL environment variables

=head1 DESCRIPTION

The OpenSSL libraries use environment variables to override the
compiled-in default paths for various data.
To avoid security risks, the environment is usually not consulted when
the executable is set-user-ID or set-group-ID.

=over 4

=item B<CTLOG_FILE>

Specifies the path to a certificate transparency log list.
See L<CTLOG_STORE_new(3)>.

=item B<OPENSSL>

Specifies the path to the B<openssl> executable. Used by
the B<rehash> script (see L<openssl-rehash(1)/Script Configuration>)
and by the B<CA.pl> script (see L<CA.pl(1)/NOTES>

=item B<OPENSSL_CONF>, B<OPENSSL_CONF_INCLUDE>

Specifies the path to a configuration file and the directory for
included files.
See L<config(5)>.

=item B<OPENSSL_CONFIG>

Specifies a configuration option and filename for the B<req> and B<ca>
commands invoked by the B<CA.pl> script.
See L<CA.pl(1)>.

=item B<OPENSSL_ENGINES>

Specifies the directory from which dynamic engines are loaded.
See L<openssl-engine(1)>.

=item B<OPENSSL_MALLOC_FD>, B<OPENSSL_MALLOC_FAILURES>

If built with debugging, this allows memory allocation to fail.
See L<OPENSSL_malloc(3)>.

=item B<OPENSSL_MODULES>

Specifies the directory from which cryptographic providers are loaded.

=item B<OPENSSL_WIN32_UTF8>

If set, then L<UI_OpenSSL(3)> returns UTF-8 encoded strings, rather than
ones encoded in the current code page, and
the L<openssl(1)> program also transcodes the command-line parameters
from the current code page to UTF-8.
This environment variable is only checked on Microsoft Windows platforms.

=item B<RANDFILE>

The state file for the random number generator.
This should not be needed in normal use.
See L<RAND_load_file(3)>.

=item B<SSL_CERT_DIR>, B<SSL_CERT_FILE>

Specify the default directory or file containing CA certificates.
See L<SSL_CTX_load_verify_locations(3)>.

=item B<TSGET>

Additional arguments for the L<tsget(1)> command.

=back

=head1 COPYRIGHT

Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
22bb8c25 RS	1	=pod
	2
	3	=head1 NAME
	4
	5	openssl-env - OpenSSL environment variables
	6
	7	=head1 DESCRIPTION
	8
	9	The OpenSSL libraries use environment variables to override the
	10	compiled-in default paths for various data.
	11	To avoid security risks, the environment is usually not consulted when
	12	the executable is set-user-ID or set-group-ID.
	13
	14	=over 4
	15
	16	=item B<CTLOG_FILE>
	17
	18	Specifies the path to a certificate transparency log list.
	19	See L<CTLOG_STORE_new(3)>.
	20
	21	=item B<OPENSSL>
	22
a8055c70 RS	23	Specifies the path to the B<openssl> executable. Used by
	24	the B<rehash> script (see L<openssl-rehash(1)/Script Configuration>)
	25	and by the B<CA.pl> script (see L<CA.pl(1)/NOTES>
22bb8c25	26
a8055c70	27	=item B<OPENSSL_CONF>, B<OPENSSL_CONF_INCLUDE>
22bb8c25	28
a8055c70 RS	29	Specifies the path to a configuration file and the directory for
a8055c70 RS	30	included files.
15795943	31	See L<config(5)>.
22bb8c25	32
a8055c70 RS	33	=item B<OPENSSL_CONFIG>
	34
	35	Specifies a configuration option and filename for the B<req> and B<ca>
	36	commands invoked by the B<CA.pl> script.
	37	See L<CA.pl(1)>.
	38
22bb8c25 RS	39	=item B<OPENSSL_ENGINES>
	40
	41	Specifies the directory from which dynamic engines are loaded.
	42	See L<openssl-engine(1)>.
	43
	44	=item B<OPENSSL_MALLOC_FD>, B<OPENSSL_MALLOC_FAILURES>
	45
	46	If built with debugging, this allows memory allocation to fail.
fadb57e5	47	See L<OPENSSL_malloc(3)>.
22bb8c25 RS	48
	49	=item B<OPENSSL_MODULES>
	50
	51	Specifies the directory from which cryptographic providers are loaded.
22bb8c25 RS	52
	53	=item B<OPENSSL_WIN32_UTF8>
	54
	55	If set, then L<UI_OpenSSL(3)> returns UTF-8 encoded strings, rather than
	56	ones encoded in the current code page, and
	57	the L<openssl(1)> program also transcodes the command-line parameters
	58	from the current code page to UTF-8.
	59	This environment variable is only checked on Microsoft Windows platforms.
	60
	61	=item B<RANDFILE>
	62
	63	The state file for the random number generator.
	64	This should not be needed in normal use.
	65	See L<RAND_load_file(3)>.
	66
	67	=item B<SSL_CERT_DIR>, B<SSL_CERT_FILE>
	68
	69	Specify the default directory or file containing CA certificates.
	70	See L<SSL_CTX_load_verify_locations(3)>.
	71
	72	=item B<TSGET>
	73
	74	Additional arguments for the L<tsget(1)> command.
	75
	76	=back
	77
	78	=head1 COPYRIGHT
	79
4333b89f	80	Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
22bb8c25 RS	81
	82	Licensed under the Apache License 2.0 (the "License"). You may not use
	83	this file except in compliance with the License. You can obtain a copy
	84	in the file LICENSE in the source distribution or at
	85	L<https://www.openssl.org/source/license.html>.
	86
	87	=cut