can we change the security level in openssl.cnf (using CipherString = DEFAULT:@SECLEVEL=1)? any ref in doc?

[reguripradeep]

when we upgraded to OpenSSL3, few of the RSA certificates having keysize=1024 are not working (used openssl in Apache httpd). when we debugged further, we found that the default security level in OpenSSL3 is "2" and it does not allow keys of size less than 2048.
Now we cannot immediately upgrade our certificates to 2048 but we want our process to run as earlier.
we came across a forum where it is suggested to use "CipherString = DEFAULT:@SECLEVEL=1" in "[system_default_sect]" section. this is working fine for us. But we would like to know the exact impact of this setting. does it make the openssl libraries to work with a security level of 1? does it have any other impacts on overall system?
i could not find anything about this configuration in the documentation. or at least the values/format that "CipherString " takes. if this is documented can some one point me to that? like what are the values it supports and what is the format and impact?

[kulkarniamit]

Here's what I found

• man SSL_CONF_cmd
  • CipherString: Sets the ciphersuite list for TLSv1.2 and below to value. This list will be combined with any configured TLSv1.3 ciphersuites.
• The meaning of each security level is described in man SSL_CTX_set_security_level
• system_default section in man config
• CIPHER LIST FORMAT can be found in man openssl-ciphers

Hope that helps.