Hi Jeffrey, I used openssl_fips 1.2 with openssl 0.9.8l. and planning to upgrade openssl-0.9.8l to 0.9.8za with -no-ec option. Please let me know is it break my fips compliance.
Thanks, Gayathri On Fri, Aug 8, 2014 at 11:09 AM, Jeffrey Walton <noloa...@gmail.com> wrote: > On Fri, Aug 8, 2014 at 1:11 AM, Gayathri Manoj <gayathri.an...@gmail.com> > wrote: > > > > Please let me know openssl-0.9.8za with -no-ec option is fips compliant > or > > not. > No. If you want FIPS validated crypto, then you need one of the > openssl-fips-*-tar.gz downloads. They produce the FIPS Object Module. > > openssl-0.9.8xxx is FIPS capable. It can use the validated > cryptography if the FIPS Object Module is available. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
