On Wed, Oct 06, 2010, [email protected] wrote: > Hello there > > I am trying to use the OpenSSL-fips version 1.2 for our application ( > Webserver ) in Vxworks. I was able to integrate the library and > executing FIPS_mode_set is successful. After initializing the > SSL_library_init, The code tries to read the RSA key from a key.pem > file. >
Technically you shouldn't use keys created outside FIPS mode in FIPS mode. In FIPS mode the "traditional" format is not supported because it used MD5 for key derivation. The more standard PKCS#8 mode using SHA1 for key derivation is use instead. You can convert keys using the pkcs8 command outside FIPS mode but again technically you aren't supposed to... Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
