Thanks again I do have the env Variable OPENSSL_FIPS set to 1. And the key generated is as below
-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,6238C2ACEDF888E5 bmtRXSn8WHfHAUBX6m7RLs/yVctQf9TG8WmUbuc1rJ+GrP3yOc+YzY8uhgw5TZRb vtV2WAJ9rfeYlenV+F9PvgnGOr7mLojzQhndnuVr7ZMDciuCAd/nVvp8trUPBtFJ . . . .hXasFeSrd5IpLMOBsQ3bcpUoRiqe0gNzyIZRSsx4+OZbhLbzBxTSiUUh3NiqmhXG bfJi1dm+M35+0BbZrGI/z2EkRW30FV5C9OLUd77AJjZITCpPl28Aew== -----END RSA PRIVATE KEY----- But still it fails at the same method "PEM_do_header" Any hint? Thanks John Paul -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Wednesday, October 06, 2010 6:02 PM To: openssl-users@openssl.org Subject: Re: FIPS mode - fails to read the RSA key On Wed, Oct 06, 2010, john.mattapi...@wipro.com wrote: > Thanks Steve, > > I used the following commands to create the certificate using the > openssl built with FIPS support > > openssl genrsa -des3 -out wv-key.pem 1024 openssl req -new -x509 -key > wv-key.pem -out wv-cert.pem -days 365 > > Do I miss any option to make it FIPS supported > The openssl utility is not in FIPS mode by default. You need to set the environment variable OPENSSL_FIPS to 1 when you call it. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org