From: Dr. Stephen Henson Date: Tue, 6 Apr 2010 15:05:47 +0000 (+0000) Subject: Remove obsolete PRNG note. Add comment about use of SHA256 et al. X-Git-Tag: OpenSSL_1_0_0a~56 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f6d13ac8cf4cacf4f0150290b4aee67062bfacc7;p=oweals%2Fopenssl.git Remove obsolete PRNG note. Add comment about use of SHA256 et al. --- diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod index eed526e47e..e7fbefbfac 100644 --- a/doc/ssl/SSL_library_init.pod +++ b/doc/ssl/SSL_library_init.pod @@ -15,7 +15,7 @@ SSL_library_init, OpenSSL_add_ssl_algorithms, SSLeay_add_ssl_algorithms =head1 DESCRIPTION -SSL_library_init() registers the available ciphers and digests. +SSL_library_init() registers the available SSL/TLS ciphers and digests. OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms for SSL_library_init(). @@ -27,9 +27,10 @@ SSL_library_init() is not reentrant. =head1 WARNING -SSL_library_init() only registers ciphers. Another important initialization -is the seeding of the PRNG (Pseudo Random Number Generator), which has to -be performed separately. +SSL_library_init() mainly adds ciphers and digests used directly by SSL/TLS. +In some cases this is not sufficient and errors about unknown algorithms +will occur: for example when an attempt is made to use a certificate using +SHA256. This can be resolved by also calling OpenSSL_add_all_algorithms(). =head1 EXAMPLES