On 31/05/2010 22:10, Sander Temme wrote: > > Please note that no released version of Apache knows how to put OpenSSL into > FIPS mode. When your Many Users run Apache in a situation with FIPS > requirements, which and whose patches do they use? Work on FIPS integration > at Apache itself stalled in 2007: > > http://svn.apache.org/viewvc/httpd/sandbox/gaithersburg/README-FIPS?view=log >
That comment refers to the older 1.1 module which was has been superseded by the 1.2 validation. I submitted a patch for the 1.2 module and support is now in trunk and a backport proposed to 2.2.x, see the SSLFIPS directive. Steve. -- Dr Stephen N. Henson. Senior Technical/Cryptography Advisor, Open Source Software Institute: www.oss-institute.org OpenSSL Core team: www.openssl.org