sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-27 14:28:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
php-doc-en/reference/openssl/configure.xml
Christoph Michael Becker 9e4c917c09 Fix other miscellaneous typos 
Detected by codespell

Patch provided by tandre@php.net.


git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@349709 c90b9560-bf6c-de11-be94-00142212c4b1
2020-04-27 06:50:00 +00:00

125 lines
4.2 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<section xml:id="openssl.installation" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
&reftitle.install;
<para>
To use PHP's OpenSSL support you must also compile PHP <option
role="configure">--with-openssl[=DIR]</option>.
</para>
<para>
The OpenSSL library also has additional requirements for normal operation at
run-time. Most notably, OpenSSL requires access to a random or pseudo-random
number generator; on most Unix and Unix-like platforms (including Linux),
this means that it must have access to a <literal>/dev/urandom</literal> or
<literal>/dev/random</literal> device.
</para>
<para>
As of PHP 5.6.3, the configure option <option role="configure">--with-system-ciphers</option>
is available which causes PHP to use the system cipher list instead of a hard-coded default.
</para>
<note>
<title>Note to Win32 Users</title>
<para>
&ext.windows.path.dll;
<filename>libeay32.dll</filename>,
or, as of OpenSSL 1.1, <filename>libcrypto-*.dll</filename>
</para>
<para>
Additionally, if you are planning to use the key generation and certificate
signing functions, you will need to install a valid
<filename>openssl.cnf</filename> file on your system.
We include a sample configuration file
in our win32 binary distributions, in the
<filename class="directory">extras/openssl</filename> directory.
</para>
<para>
PHP will search for the <filename>openssl.cnf</filename> using the
following logic:
<itemizedlist>
<listitem>
<simpara>the <literal>OPENSSL_CONF</literal> environmental variable, if
set, will be used as the path (including filename) of the configuration
file.
</simpara>
</listitem>
<listitem>
<simpara>the <literal>SSLEAY_CONF</literal> environmental variable, if
set, will be used as the path (including filename) of the configuration
file.
</simpara>
</listitem>
<listitem>
<simpara>The file <filename>openssl.cnf</filename> will be assumed to be
found in the default certificate area, as configured at the time that
the openssl DLL was compiled. This is usually means that the default
filename is <filename>C:\Program Files\Common Files\SSL\openssl.cnf</filename> (x64)
or <filename>C:\Program Files (x86)\Common Files\SSL\openssl.cnf</filename> (x86), or,
prior to PHP 7.4.0, <filename>C:\usr\local\ssl\openssl.cnf</filename>.
</simpara>
</listitem>
</itemizedlist>
</para>
<simpara>
In your installation, you need to decide whether to install the
configuration file in the default path or
whether to install it someplace else and use environmental variables
(possibly on a per-virtual-host basis) to locate the configuration file.
Note that it is possible to override the default path from the script using
the <parameter>configargs</parameter> of the functions that require a
configuration file.
</simpara>
<caution>
<simpara>
Ensure that non-privileged users are not allowed to modify <filename>openssl.cnf</filename>.
</simpara>
</caution>
</note>
<simplesect role="changelog">
&reftitle.changelog;
<para>
<informaltable>
<tgroup cols="2">
<thead>
<row>
<entry>&Version;</entry>
<entry>&Description;</entry>
</row>
</thead>
<tbody>
<row>
<entry>7.4.0</entry>
<entry>
The OpenSSL default config path has been changed from <filename>C:\usr\local\ssl</filename>
to <filename>C:\Program Files\Common Files\SSL</filename> and
<filename>C:\Program Files (x86)\Common Files\SSL</filename>, respectively.
</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</para>
</simplesect>
</section>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->
Reference in a new issue View git blame Copy permalink