Dear all, ( On a Linux 2.6.32 x86_64 ) I'm trying to build a FIPS 2 openssl When I configure the fips code, config spits out as warning....
#cd openssl-fips-2.0-test-20120416 #./config Configured for linux-x86_64. WARNING: OpenSSL has been configured using unsupported option(s) to internally generate a fipscanister.o object module for TESTING PURPOSES ONLY; that compiled module is NOT FIPS 140-2 validated and CANNOT be used to replace the OpenSSL FIPS Object Module as identified by the CMVP (http://csrc.nist.gov/cryptval/) in any application requiring the use of FIPS 140-2 validated software. This is a test OpenSSL 2.0 FIPS module. See the file README.FIPS for details of how to build a test library. I *assume* that the warning is because we are using test software, rather than configuration problems ? And that the correct procedure is just "./config" rather than "./config fipcanisteronly", which the README.FIPS suggests ? Secondly, once fipscansiter is built, ( and installed to /usr/local/ssl/fips-2.0 ), I should be using ... #cd openssl-1.0.1 #./config fips shared ( I want fipscanister in libcrypto.so.1 ) Is it ok to use fipscanister inside libcrypto this way ? Many thanks, Simon Convey ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org