Topic: How do use Alt names with the flag `--disable-opensslall`?

Im trying to have a light weight bundle by disabling features I don't need.
My current needs are to generate certificates on the fly with SAN, but while compiling with `--disable-opensslall`, `WOLFSSL_ALT_NAMES` is turned off.

So my question is, if I pass `WOLFSSL_ALT_NAMES` manually like in the example below, will it work correctly, or do I have to enable `opensslall`?

This is configuration I am talking about:

./configure \
    --disable-shared \
    --disable-opensslall \
    --disable-des3 \
    --disable-dh \
    --disable-oldtls \
    --disable-psk \
    --disable-md5 \
    --disable-sha \
    --enable-static \
    --enable-certgen \
    --enable-certext \
    CFLAGS="-arch arm64" \
    CPPFLAGS="-DWOLFSSL_ALT_NAMES" \
    --host=aarch64-apple-darwin

Share

Re: How do use Alt names with the flag `--disable-opensslall`?

Yes, that should work.  That is to say that WOLFSSL_ALT_NAMES does not depend on the openssl compatibility layer.  Note that you do not need to use --disable-opensslall; it is disabled by default.

Warm regards, Anthony

Share

Re: How do use Alt names with the flag `--disable-opensslall`?

Hi Samuel,

I am not sure how CPPFLAGS and CFLAGS work together during configure. I would typically provide all my options together in a single CFLAGS.

CFLAGS="-arch arm64 -DWOLFSSL_ALT_NAMES"

Thanks,
David Garske, wolfSSL

Share