On Wed, Oct 06, 2010, john.mattapi...@wipro.com wrote: > Thanks again > > I do have the env Variable OPENSSL_FIPS set to 1. And the key generated > is as below > > -----BEGIN RSA PRIVATE KEY----- > Proc-Type: 4,ENCRYPTED > DEK-Info: DES-EDE3-CBC,6238C2ACEDF888E5 > > bmtRXSn8WHfHAUBX6m7RLs/yVctQf9TG8WmUbuc1rJ+GrP3yOc+YzY8uhgw5TZRb > vtV2WAJ9rfeYlenV+F9PvgnGOr7mLojzQhndnuVr7ZMDciuCAd/nVvp8trUPBtFJ > . > . > . > .hXasFeSrd5IpLMOBsQ3bcpUoRiqe0gNzyIZRSsx4+OZbhLbzBxTSiUUh3NiqmhXG > bfJi1dm+M35+0BbZrGI/z2EkRW30FV5C9OLUd77AJjZITCpPl28Aew== > -----END RSA PRIVATE KEY----- > > But still it fails at the same method "PEM_do_header" >
If that happens the version of OpenSSL isn't in FIPS mode. You should get: -----BEGIN PRIVATE KEY----- and no Proc-Type, DEK-Info lines if it worked. If you also do: OPENSSL_FIPS=1 openssl md5 somefile it should fail with an error if FIPS mode is entered correctly. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org