Thanks Steve.
I think the way to use OPENSSL_config() and openssl.conf to enable FIPS
mode basically still requires each application to explicitly invoke
OPENSSL_config() API in order to truly enable the FIPS mode, is that
correct?
If that's the case, then basically there's no way to really
Thanks Steve.
I think the way to use OPENSSL_config() and openssl.conf basically still
requires each application to explicitly invoke OPENSSL_config() API in
order to truly enable the FIPS mode, is that correct?
If that's the case, then basically there's no way to really globally enable
the FIPS
On 01/28/2016 07:11 PM, security veteran wrote:
> Hi All:
>
> Is there a way to enable FIPS mode globally, instead of having to
> explicitly invoke the FIPS_mode_set() API from each application, for
> enabling the FIPS mode?
>
> ...
Kinda-sorta, via OPENSSL_config() and openssl.conf. See the
Hi All:
Is there a way to enable FIPS mode globally, instead of having to
explicitly invoke the FIPS_mode_set() API from each application, for
enabling the FIPS mode?
The reason I ask is, it will be much easier to enable FIPS mode if there're
many applications which rely on OpenSSL for crypto