> > The problem is the root CA uses MD2WithRSAEncryption as a signature
> > algorithm and that is prohibited in FIPS mode.
>
> I'm pretty ignorant when it comes to FIPS, is this a limitation of the
> FIPS requirements itself or a limitation of OpenSSL's FIPS validation?

The former. FIPS does not allow the use of algorithms not considered adequately secure. A general-purpose SSL application intended to interoperate on the Internet should not be using FIPS mode.

> Also, how do you find out the signature algorithm used for the root CA?
> I don't see it listed when trying to connect using
> openssl s_client -connect host:port -CAfile mycafile.pem

Save the cert, and do this:

    openssl x509 -text < MyCertFile.pem | grep Algorithm

Make sure all the algorithms you see are FIPS-approved.

> Any idea how many root CAs use MD2WithRSAEncryption or any way to work
> around it? It appears to be a Verisign cert ...

The workaround is not to use FIPS in an application designed to interoperate with non-FIPS applications. The public Internet infrastructure just is not FIPS. Unless you have absolutely no choice, you should not attempt strict FIPS compliance. The downsides are massive.

> -Brad

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
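The `openssl x509 -text | grep Algorithm` check from the reply above, extended to every certificate in a CA bundle such as the file passed to `-CAfile`. This is an added example, not part of the original message or of OpenSSL. The function names `classify_algs` and `scan_bundle` are hypothetical, and the deny pattern (MD2, MD4, MD5) is this example's assumption rather than a complete statement of FIPS policy.

```sh
#!/bin/sh
# Added example: report the algorithms named in each certificate of a PEM
# bundle and flag digests that are not FIPS-approved.
# Assumption: the deny pattern below (MD2, MD4, MD5) is this example's own
# choice and is not a complete list of what FIPS mode rejects.

# classify_algs: read `openssl x509 -text` output on stdin and print one line
# per distinct algorithm, "REJECT <alg>" or "ok <alg>".
# Returns 1 if any algorithm was rejected, 0 otherwise.
classify_algs() {
    awk '
        /Algorithm:/ {
            sub(/^.*Algorithm:[ \t]*/, ""); sub(/[ \t\r]+$/, "")
            if ($0 == "" || seen[$0]++) next
            if (tolower($0) ~ /^md[245]/) { print "REJECT " $0; bad = 1 }
            else print "ok " $0
        }
        END { exit bad + 0 }
    '
}

# scan_bundle FILE: split a PEM bundle into single certificates and run
# classify_algs on each one. Returns 1 if any certificate was flagged.
scan_bundle() {
    bundle=$1
    tmp=$(mktemp -d) || return 2
    awk -v dir="$tmp" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = sprintf("%s/cert%04d.pem", dir, n) }
        out != "" { print > out }
        /-----END CERTIFICATE-----/ { close(out); out = "" }
    ' "$bundle"
    status=0
    for cert in "$tmp"/cert*.pem; do
        [ -f "$cert" ] || continue
        openssl x509 -noout -subject < "$cert"
        openssl x509 -noout -text < "$cert" | classify_algs || status=1
    done
    rm -rf "$tmp"
    return $status
}

# Run against a bundle when a path is given, e.g.: sh check.sh mycafile.pem
if [ "$#" -gt 0 ]; then
    scan_bundle "$1"
fi
```

A non-zero exit status means at least one certificate in the bundle names a flagged digest, which is the condition that made chain verification fail in FIPS mode in this thread.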