Hello all, I have a general query regarding FIPS mode. I am running an simple openssl https server based on openssl that services https requests from window clients. I have the following setting in my windows XP "Use FIPS comliant algorithms for encryption, hashing and signing set to 1" . Using IE on a windows xp client with the above setting i am able to communicate with a openssl command line https server. I dont have FIPS enabled on my opessl command line tool. Then how come i am able to handle requests from a windows machine which has the FIPS setting to 1.
Now is it ok to say i am FIPS compliant on the server side becaause i am handling FIPS requests from clients? thanks in advance for your time.
