On Thu, Mar 13, 2008, Scholl, Ben M. wrote: > Steve, > > I followed your procedure, and this time it actually looks like it worked. I > am confused at what I need to do now to use this build. > > I ran this command: ~\apps\openssl version > It returned: OpenSSL 0.9.7j-fips-dev XX xxx XXXX > > Is this the expected result? Do I need to then build another version of > OpenSSL and link to this one somehow, or is this a usable FIPS version? > > My ultimate goal is to create a key and certificate request using a FIPS > version of OpenSSL and then somehow use OpenSSL as my Tomcat 6 SSLEngine. > Currently I have no idea how to accomplish any of this. > > Any help you can provide is much appreciated. >
Yes that is the expected result. You can use that version of OpenSSL "as is" but it is rather ancient (due to the long timescale of the validation process). If you want to use VC++ for development you have to link a recent version of OpenSSL 0.9.7 against the validated module. Instructions are in the user guide see: http://www.openssl.org/docs/fips/UserGuide-1.1.1.pdf Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
