On Thu, Mar 04, 2010, kai_yang2008 wrote: > Hi All, > > I have build a fips-openssl with the openssl-0.9.8m and fips-1.2. > But when i run the command using "rsautl": > > openssl rsautl -sign -in file -inkey rsakey -out file_sign_pem -keyform PEM > > it will produce an error like this : > > RSA operation error > 22262:error:0408908E:rsa routines:RSA_private_encrypt:operation not allowed > in fips mode:rsa_lib.c:82 > > So could anybody give me some ideas about this? > The command can work fine with fips-openssl-0.9.8l. >
That's intended. If you want to sign using RSA you need to use the 'dgst' command instead to sign atomically. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
