RE: FIPS error on Apache httpd v2.4.3, OpenSSL 1.0.1c and fips-2.0.1
Hi, Cassie I followed your post. I tried to recompile Apache with the recommendation that you given. I tried to rename Redhat's libcrypto and libssl to something else then Apache complains about LDAP library missing in the configure phase. I then tried using LDFLAGS for "configure" in Apache but no success. I also tried LD_LIBRARY_PATH to specify /usr/local/ssl/lib but also no luck. What else the trick that I can use? Thanks. Ryan -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Helms, Cassie Sent: Thursday, August 23, 2012 3:26 PM To: openssl-users@openssl.org Subject: RE: FIPS error on Apache httpd v2.4.3, OpenSSL 1.0.1c and fips-2.0.1 Ryan, A previous thread, "fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build", might be of some use to you. As a first step, you may want to use ldd on your executable to make sure libcrypto.so/a points to 1.0.1c and not some other version of openssl. The thread has more information on this issue. Cassie __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: FIPS error on Apache httpd v2.4.3, OpenSSL 1.0.1c and fips-2.0.1
Thanks, Cassie Ldd shows Apache httpd uses Redhat (v6.x)'s built in /lib64/libcrypto.so/a not my OpenSSL's /usr/local/ssl/lib/libcrypto.so. I got to fix that problem first. Thanks. Ryan Jiang -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Helms, Cassie Sent: Thursday, August 23, 2012 3:26 PM To: openssl-users@openssl.org Subject: RE: FIPS error on Apache httpd v2.4.3, OpenSSL 1.0.1c and fips-2.0.1 Ryan, A previous thread, "fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build", might be of some use to you. As a first step, you may want to use ldd on your executable to make sure libcrypto.so/a points to 1.0.1c and not some other version of openssl. The thread has more information on this issue. Cassie __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: FIPS error on Apache httpd v2.4.3, OpenSSL 1.0.1c and fips-2.0.1
Ryan, A previous thread, "fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build", might be of some use to you. As a first step, you may want to use ldd on your executable to make sure libcrypto.so/a points to 1.0.1c and not some other version of openssl. The thread has more information on this issue. Cassie __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
