+ There are several options to ./config (or ./Configure) to customize
+ the build (note that for Windows, the defaults for --prefix and
+ --openssldir depend in what configuration is used and what Windows
+ implementation OpenSSL is built on. More notes on this in NOTES.WIN):
+
+ --prefix=DIR The top of the installation directory tree. Defaults are:
+
+ Unix: /usr/local
+ Windows: C:\Program Files\OpenSSL
+ or C:\Program Files (x86)\OpenSSL
+ OpenVMS: SYS$COMMON:[OPENSSL-'version']
+
+ --openssldir=DIR Directory for OpenSSL configuration files, and also the
+ default certificate and key store. Defaults are:
+
+ Unix: /usr/local/ssl
+ Windows: C:\Program Files\Common Files\SSL
+ or C:\Program Files (x86)\Common Files\SSL
+ OpenVMS: SYS$COMMON:[OPENSSL-COMMON]
+
+ --api=x.y.z Don't build with support for deprecated APIs below the
+ specified version number. For example "--api=1.1.0" will
+ remove support for all APIS that were deprecated in OpenSSL
+ version 1.1.0 or below.
+
+ no-deprecated Don't build with support for any deprecated APIs. This is the
+ same as using "--api" and supplying the latest version
+ number.
+
+ no-autoalginit Don't automatically load all supported ciphers and digests.
+ Typically OpenSSL will make available all of its supported
+ ciphers and digests. For a statically linked application this
+ may be undesirable if small executable size is an objective.
+ This only affects libcrypto. Ciphers and digests will have to
+ be loaded manually using EVP_add_cipher() and
+ EVP_add_digest() if this option is used.
+
+ no-autoerrinit Don't automatically load all libcrypto/libssl error strings.
+ Typically OpenSSL will automatically load human readable
+ error strings. For a statically linked application this may
+ be undesirable if small executable size is an objective.
+
+ no-threads Don't try to build with support for multi-threaded
+ applications.
+
+ threads Build with support for multi-threaded applications.
+ This will usually require additional system-dependent
+ options! See "Note on multi-threading" below.
+
+ no-zlib Don't try to build with support for zlib compression and
+ decompression.
+
+ zlib Build with support for zlib compression/decompression.
+
+ zlib-dynamic Like "zlib", but has OpenSSL load the zlib library
+ dynamically when needed. This is only supported on systems
+ where loading of shared libraries is supported. This is the
+ default choice.
+
+ no-shared Don't try to create shared libraries.
+
+ shared In addition to the usual static libraries, create shared
+ libraries on platforms where it's supported. See "Note on
+ shared libraries" below.
+
+ no-asm Do not use assembler code.
+
+ 386 On Intel hardware, use the 80386 instruction set only
+ (the default x86 code is more efficient, but requires at
+ least a 486). Note: Use compiler flags for any other CPU
+ specific configuration, e.g. "-m32" to build x86 code on
+ an x64 system.
+
+ no-sse2 Exclude SSE2 code pathes. Normally SSE2 extension is
+ detected at run-time, but the decision whether or not the
+ machine code will be executed is taken solely on CPU
+ capability vector. This means that if you happen to run OS
+ kernel which does not support SSE2 extension on Intel P4
+ processor, then your application might be exposed to
+ "illegal instruction" exception. There might be a way
+ to enable support in kernel, e.g. FreeBSD kernel can be
+ compiled with CPU_ENABLE_SSE, and there is a way to
+ disengage SSE2 code pathes upon application start-up,
+ but if you aim for wider "audience" running such kernel,
+ consider no-sse2. Both 386 and no-asm options above imply
+ no-sse2.
+
+ no-<alg> Build without the specified algorithm (bf, cast, des, dh,
+ dsa, hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
+
+ -Dxxx, -lxxx, These system specific options will be passed through to the
+ -Lxxx, -fxxx, compiler to allow you to define preprocessor symbols, specify
+ -mXXX, -Kxxx additional libraries, library directories or other compiler
+ options.