I found the following instructions to get Intel's contrib OpenSSL 0.9.8 engine code on some Westmere-based systems that we have:

    $ wget https://www.openssl.org/contrib/intel-accel-1.5.tar.gz
    $ tar -zxvf intel-accel-1.5.tar.gz
    $ cd intel-accel-1.5
    $ make
    $ sudo cp libintel-accel.so /usr/lib/ssl/engines/

    dm@test:~$ openssl speed -evp aes-256-cbc -engine intel-accel
    [...]
    type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
    aes-256-cbc     411556.71k   552666.78k   585173.93k   590249.30k   592617.47k

    dm@test:~$ openssl speed -evp aes-256-cbc # No Intel AES-NI
    [...]
    type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
    aes-256-cbc      67324.29k    98995.86k   118538.15k   123550.22k   124304.70k

How do I have to edit the /etc/ssl/openssl.cnf file on my Debian 6 machine/s to have this engine used by default by anything else that may link to OpenSSL (e.g., OpenSSH 5.5p1, Apache, etc.)?
I tried the following:

    # at the top of the openssl.cnf
    openssl_conf = openssl_def

    [...]

    # at the bottom:
    [openssl_def]
    engines = engine_section

    [engine_section]
    foo = aesni_section

    [aesni_section]
    dynamic_path = /usr/lib/ssl/engines/libintel-accel.so
    engine_id = intel-accel
    default_algorithms = ALL
    init = 1

which gives the following error:

    dm@test:~$ openssl speed -evp aes-256-cbc
    Error configuring OpenSSL
    1645:error:26078067:engine routines:ENGINE_LIST_ADD:conflicting engine id:eng_list.c:116:
    1645:error:2606906E:engine routines:ENGINE_add:internal list error:eng_list.c:288:
    1645:error:260B6067:engine routines:DYNAMIC_LOAD:conflicting engine id:eng_dyn.c:540:
    1645:error:260BC065:engine routines:INT_ENGINE_CONFIGURE:engine configuration error:eng_cnf.c:204:section=aesni_section, name=dynamic_path, value=/usr/lib/ssl/engines/libintel-accel.so
    1645:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:conf_mod.c:235:module=engines, value=engine_section, retcode=-1
    Segmentation fault

What's the magic incantation to put in config(5SSL) so that this becomes a system default?
Also see How does accepting an answer work?. You can accept your own answer to clear the question from the unanswered queue. It will also place higher when searching because it has an answer; and other questions can be closed as duplicates against this one.
– jww – 2014-06-21T09:09:40.683
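
Added example (not part of the original question and not OpenSSL's own code): a small Python parser for the error-queue lines quoted in the question. It shows which entry was queued first and which configuration line the failure is attributed to. It assumes the pre-3.0 packed error-code layout (8-bit library, 12-bit function, 12-bit reason) and that ERR_print_errors() prints the queue oldest first; the function names are illustrative.

```python
import re

# Layout of one line printed by ERR_print_errors() (OpenSSL before 3.0):
#   <pid>:error:<code, 8 hex>:<library>:<function>:<reason>:<file>:<line>:<data>
LINE_RE = re.compile(
    r"^(?P<pid>\d+):error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]*):(?P<func>[^:]*):"
    r"(?P<reason>[^:]*):(?P<file>[^:]*):(?P<line>\d+):(?P<data>.*)$"
)

# The five error lines quoted in the question, embedded so this runs offline.
SAMPLE = """\
1645:error:26078067:engine routines:ENGINE_LIST_ADD:conflicting engine id:eng_list.c:116:
1645:error:2606906E:engine routines:ENGINE_add:internal list error:eng_list.c:288:
1645:error:260B6067:engine routines:DYNAMIC_LOAD:conflicting engine id:eng_dyn.c:540:
1645:error:260BC065:engine routines:INT_ENGINE_CONFIGURE:engine configuration error:eng_cnf.c:204:section=aesni_section, name=dynamic_path, value=/usr/lib/ssl/engines/libintel-accel.so
1645:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:conf_mod.c:235:module=engines, value=engine_section, retcode=-1
"""

def parse_error_queue(text):
    """Return one dict per error line, in printed (oldest-first) order."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip banners such as "Error configuring OpenSSL"
        entry = m.groupdict()
        code = int(entry["code"], 16)
        # Same bit fields as the ERR_GET_LIB / ERR_GET_FUNC / ERR_GET_REASON macros.
        entry["lib_num"] = (code >> 24) & 0xFF
        entry["func_num"] = (code >> 12) & 0xFFF
        entry["reason_num"] = code & 0xFFF
        # Optional trailing data is a ", "-separated list of key=value pairs.
        entry["context"] = dict(
            kv.split("=", 1) for kv in entry["data"].split(", ") if "=" in kv
        )
        entries.append(entry)
    return entries

def root_cause(entries):
    """The first queued error; later entries are callers reporting the failure."""
    return entries[0] if entries else None

def config_context(entries):
    """Context of the first entry that names a config section, or {}."""
    return next((e["context"] for e in entries if "section" in e["context"]), {})

if __name__ == "__main__":
    queue = parse_error_queue(SAMPLE)
    print(root_cause(queue)["func"], "->", root_cause(queue)["reason"])
    print(config_context(queue))
```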