diff --git a/pkcs11-provider.conf b/pkcs11-provider.conf new file mode 100644 index 0000000..d7c1f36 --- /dev/null +++ b/pkcs11-provider.conf @@ -0,0 +1,10 @@ +[provider_sect] +pkcs11 = pkcs11_sect + +[pkcs11_sect] +activate = 1 +## Some applications may require early loading to work properly +## however this setting should not be enabled by default because +## it will cause every application loading openssl to initialize +## the token. If needed uncomment the following: +#pkcs11-module-load-behavior = early diff --git a/pkcs11-provider.spec b/pkcs11-provider.spec index 657d39d..b1c45cf 100644 --- a/pkcs11-provider.spec +++ b/pkcs11-provider.spec @@ -12,6 +12,7 @@ Source0: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.xz Source1: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.xz.asc Source2: https://people.redhat.com/~ssorce/simo_redhat.asc %endif +Source3: pkcs11-provider.conf BuildRequires: openssl-devel >= 3.0.7 BuildRequires: gcc @@ -58,6 +59,10 @@ compatible to previous versions as well. %install %meson_install +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/openssl.d +install -m644 '%{SOURCE3}' \ + $RPM_BUILD_ROOT/%{_sysconfdir}/pki/tls/openssl.d/pkcs11-provider.conf + %check @@ -70,7 +75,7 @@ compatible to previous versions as well. %{_mandir}/man7/provider-pkcs11.* %doc README.md %{_libdir}/ossl-modules/pkcs11.so - +%config(noreplace) %{_sysconfdir}/pki/tls/openssl.d/pkcs11-provider.conf %changelog %autochangelog