I have had this exact same problem with 1.0.1e, and earlier 1.0.1c and FIPS 2.0 using VS2010. 64-bit always works, 32-bit fails to enter FIPS mode, fingerprint doesn't match. So I was going to try again with 1.0.1f, but are you saying an even more recent snapshot would be required? Or just the /fixed flag?
Jim Adams -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Tuesday, February 25, 2014 5:14 PM To: openssl-users@openssl.org Subject: Re: OpenSSL 1.0.1e with FIPS 2.0 and Visual Studio 2012 -- has anyone made this work for Win32? On Tue, Feb 25, 2014, mclellan, dave wrote: > Very high level question: We are using OpenSSL 1.0.1e with FIPS 2.0 and > VS2012. Our Windows 64 bit proprietary client/server with SSL works fine, > as do all our Linux platforms (FIPS only in use on Windows and Linux). > > In Win32 we are seeing: > > 1. Intermittent FIPS_mode_set failures - fingerprint doesn't match > Try a recent 1.0.1 snapshot. The use of /fixed might resolve this. > 2. When FIPS_mode_set() works, we get certificate signature validation > errors. More details on request. > Is the certificate using an unapproved algorithms like MD5? If not please give more details. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
