The description I followed was in z/Journal August/September 2010 page 75-78.
___________________________________________ Tore Agblad Volvo Information Technology Infrastructure Mainframe Design & Development, Linux servers Dept 4352 DA1S SE-405 08, Gothenburg Sweden Telephone: +46-31-3233569 E-mail: [email protected] http://www.volvo.com/volvoit/global/en-gb/ -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Marcy Cortes Sent: den 5 september 2010 08:12 To: [email protected] Subject: Re: Crypto on SLES 11 SP1 - ssl engine ibmca We had it configured right, but thanks for that doc! Very useful! My problem was the syntax has changed between 10 and 11 for openssl. This works on both: openssl speed rsa1024 -engine ibmca And sles 11 sp1 has dynamic ibmca engine support so it will find it without the need to use the -engine flag. It also has a nice "icastats" command to let you see what it did with HW vs SW. The doc in the link is a little unclear about whether Novell is providing OpenSSH crypto support, but I verfied that it is in there. This will save some cpu cycles! Marcy -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Mark Post Sent: Friday, September 03, 2010 8:46 PM To: [email protected] Subject: Re: [LINUX-390] Crypto on SLES 11 SP1 - ssl engine ibmca >>> On 9/3/2010 at 09:59 PM, Marcy Cortes <[email protected]> >>> wrote: > Has anyone tried it? Did I miss a needed package or something? Take a look at http://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP101690 When I read it, I stepped through it on our z10 and everything worked as described. From what I remember, you need to edit the /etc/ssl/openssl.cnf file to add the bits from /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample thats included in the openssl-ibmca package. Mark Post ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
