We had it configured right, but thanks for that doc! Very useful! My problem was the syntax has changed between 10 and 11 for openssl.
This works on both: openssl speed rsa1024 -engine ibmca And sles 11 sp1 has dynamic ibmca engine support so it will find it without the need to use the -engine flag. It also has a nice "icastats" command to let you see what it did with HW vs SW. The doc in the link is a little unclear about whether Novell is providing OpenSSH crypto support, but I verfied that it is in there. This will save some cpu cycles! Marcy -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Mark Post Sent: Friday, September 03, 2010 8:46 PM To: [email protected] Subject: Re: [LINUX-390] Crypto on SLES 11 SP1 - ssl engine ibmca >>> On 9/3/2010 at 09:59 PM, Marcy Cortes <[email protected]> >>> wrote: > Has anyone tried it? Did I miss a needed package or something? Take a look at http://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP101690 When I read it, I stepped through it on our z10 and everything worked as described. From what I remember, you need to edit the /etc/ssl/openssl.cnf file to add the bits from /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample thats included in the openssl-ibmca package. Mark Post ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
