Thank you for the response.
I already have a SHA-256 self signed certificate with a bit size 2048
but still ended up with the same error.
I used the following command to create the self signed certificate.
$ openssl req -x509 -sha256 -days 365 -newkey rsa:2048 -keyout
/etc/pki/tls/private/localhost.key -out /etc/pki/tls/certs/localhost.crt
$ openssl x509 -noout -text -in /etc/pki/tls/certs/localhost.crt | grep
"Signature Algorithm"
Signature Algorithm: sha256WithRSAEncryption
Signature Algorithm: sha256WithRSAEncryption
$ openssl version
OpenSSL 1.0.1i-fips 6 Aug 2014
Any suggestions ?
Regards,
Abdul
On 12-Aug-14 3:02 AM, Kurt Cancemi wrote:
Your using a SHA-1 signed certificate, the current FIPS standard
mandates a SHA-256 (SHA-2) signed certificate with a bit size >= 2048.
---
Kurt Cancemi
https://www.x64Architecture.com
On Mon, Aug 11, 2014 at 5:24 AM, Abdul Anshad <ab...@visolve.com> wrote:
Hello All,
I have a set up which runs Apache http-2.4.10 and Openssl-1.0.1i, when I try
to start the http server with FIPS mode i get the following error.
[Mon Aug 11 14:39:24.407781 2014] [suexec:notice] [pid 380] AH01232: suEXEC
mechanism enabled (wrapper: /apps/apache/2.4.10/bin/suexec)
[Mon Aug 11 14:39:24.428616 2014] [ssl:emerg] [pid 380] AH01885: FIPS mode
failed
[Mon Aug 11 14:39:24.428656 2014] [ssl:emerg] [pid 380] SSL Library Error:
error:2D06D075:FIPS routines:fips_pkey_signature_test:test failure (Type=RSA
SHA1 X931)
[Mon Aug 11 14:39:24.428663 2014] [ssl:emerg] [pid 380] AH02312: Fatal error
initialising mod_ssl, exiting.
AH00016: Configuration Failed
Could somebody help me out with this issue ? Thanks in advance.
--
Regards,
Abdul
---
This email is free from viruses and malware because avast! Antivirus
protection is active.
http://www.avast.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-...@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-...@openssl.org
Automated List Manager majord...@openssl.org
---
This email is free from viruses and malware because avast! Antivirus protection
is active.
http://www.avast.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org