Hi, I'm using openssl (openssl-0.9.8r.tar.gz ) in a project, and now we want certificate the software with FIPS certification, my question is if we must have openssl-fips-1.2.3.tar.gz to use OpenSSL FIPS Object Module? In openssl-0.9.8r.tar.gz project we already some fips files. What is the difference between openssl-fips-1.2.3.tar.gz and openssl-0.9.8r.tar.gz?
In User Guide I read the following: "The FIPS Object Module is the special monolithic object module built from the special source distribution identified in the Security Policy. It is not the same as the OpenSSL product or any specific official OpenSSL distribution release." Regards, Tatiana Evers