[openssl-users] OpenSSL Compile Issues (and general knowledge questions)

All; I'm an administrator/engineer responsible for compiling Apache with OpenSSL supporting FIPS mode. I've got a good process down that generally works. However, I am looking for a little help on some details because I am not a developer and am not about digging through the source code to

Re: [openssl-users] How do I verify the FIPS mode

I think you can run 'OPENSSL_FIPS=1 openssl ciphers -v'. I believe that if, FIPS is compiled in properly you should get output. Otherwise an error should occur. On Wed, Feb 10, 2016 at 1:41 PM, cloud force wrote: > Hi everyone, > > I built and installed the FIPS

Re: [openssl-users] How do I verify the FIPS mode

, Lesley Kimmel <lesley.j.kim...@gmail.com> wrote: > I think you can run 'OPENSSL_FIPS=1 openssl ciphers -v'. I believe that > if, FIPS is compiled in properly you should get output. Otherwise an error > should occur. > > On Wed, Feb 10, 2016 at 1:41 PM, cloud force <cloud.for

[openssl-users] Enforcing FIPS via Cipher Suites Declaration

All; I'm working with PosgreSQL in a DoD environment and am supposed to enforce FIPS operation. PostgreSQL doesn't perform a call to FIP_mode_set() but does provide a configuration item 'ssl_ciphers'. Is there more to FIPS_mode than I am aware of or would it be functionally equivalent to simply

Re: [openssl-users] Enforcing FIPS via Cipher Suites Declaration

Thanks for the input, all. Those are basically the responses I was expecting, I just wanted to see it in writing as I couldn't find a clear answer during a short internet search. On Thu, Feb 4, 2016 at 10:57 AM, Dr. Stephen Henson wrote: > On Thu, Feb 04, 2016, Thomas

[openssl-users] Help With CipherSpecs

Hi All! I'm not an expert, by any means, with cipher suites, etc. I am working with an HTTPD server where I am not able to set the server/kernel to FIPS mode nor am I able to set the HTTPD server (openssl) to FIPS mode. However, I am able to modify the SSLCipherSuite directive. Doing some