From: Dr. Stephen Henson Date: Tue, 6 Apr 2010 15:02:43 +0000 (+0000) Subject: Remove obsolete PRNG note. Add comment about use of SHA256 et al. X-Git-Tag: OpenSSL_0_9_8o~27 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=9eeb779e8ffa78d0a7e9aba395ffedca187a7aef;p=oweals%2Fopenssl.git Remove obsolete PRNG note. Add comment about use of SHA256 et al. --- diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod index ecf3c4858e..0e9b035884 100644 --- a/doc/ssl/SSL_library_init.pod +++ b/doc/ssl/SSL_library_init.pod @@ -15,7 +15,7 @@ SSL_library_init, OpenSSL_add_ssl_algorithms, SSLeay_add_ssl_algorithms =head1 DESCRIPTION -SSL_library_init() registers the available ciphers and digests. +SSL_library_init() registers the available SSL/TLS ciphers and digests. OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms for SSL_library_init(). @@ -26,9 +26,10 @@ SSL_library_init() must be called before any other action takes place. =head1 WARNING -SSL_library_init() only registers ciphers. Another important initialization -is the seeding of the PRNG (Pseudo Random Number Generator), which has to -be performed separately. +SSL_library_init() mainly adds ciphers and digests used directly by SSL/TLS. +In some cases this is not sufficient and errors about unknown algorithms +will occur: for example when an attempt is made to use a certificate using +SHA256. This can be resolved by also calling OpenSSL_add_all_algorithms(). =head1 EXAMPLES