I need to change the OpenSSL configuration used by the PHP openssl* methods. phpinfo() reports the default openssl configuration present in /etc/ssl/openssl.cnf. But it doesn’t seem to have been used.
I changed openssl.cnf so that it contains some invalid values. Running openssl from the shell fails completely and complains about invalid configuration. Will the openssl* methods in my PHP script still work? ! They should fail with the same error message.
So, what is the actual OpenSSL configuration used by PHP?
PHP runs as an Apache2 module in an Alpine Linux Docker container (package php81-apache2)
There seems to be some caching involved (will have to investigate later). After letting the system sit for a few hours, the PHP method uses the changed configuration.