Adding:
config_diagnostics = 1
At the same level as the openssl_conf line should produce more output.
Pauli
--
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
Phone +61 7 3031 7217
Oracle Australia
> On 4 Nov 2020, at 4:41 am, Thomas Dwyer III wrote:
>
> On Tue, Nov
> Ah ha! This explanation makes sense to me and indeed pointed me at the real
> problem. I had recompiled OpenSSL but I forgot to update the hmac in fips.cnf
> via fipsinstall. So yes, the fips provider was failing to activate because of
> that. As soon I fixed the hmac RAND_status() started wor
On Tue, Nov 3, 2020 at 7:13 AM Matt Caswell wrote:
>
>
> On 03/11/2020 00:55, Thomas Dwyer III wrote:
> > I'm having trouble getting RAND_status() to return 1 when my openssl.cnf
> > has both the default provider and the fips provider configured at the
> > same time:
> >
> > openssl_conf
On Tue, 2020-11-03 at 15:13 +, Matt Caswell wrote:
>
> The reasons are a little complicated (see below) but the TL;DR
> summary
> is that there is an error in your config file. The ".include" line
> should specify a config file relative to OPENSSLDIR (or
> OPENSSL_CONF_INCLUDE if it is set). I
On 03/11/2020 15:13, Matt Caswell wrote:
> I've seen this error a few times now so I'm thinking that we should
> perhaps allow absolute paths. I'm not sure what the reason for
> disallowing them was.
I raised this issue about this:
https://github.com/openssl/openssl/issues/13302
> We really s
On 03/11/2020 00:55, Thomas Dwyer III wrote:
> I'm having trouble getting RAND_status() to return 1 when my openssl.cnf
> has both the default provider and the fips provider configured at the
> same time:
>
> openssl_conf = openssl_init
>
> [openssl_init]
> providers =
> From: openssl-users On Behalf Of perumal v
> Sent: Monday, 2 November, 2020 07:57
> I tried openssl ocsp for ipv6 and got the error message for the OCSP.
> openssl ocsp -url http://[2001:DB8:64:FF9B:0:0:A0A:285E]:8090/ocsp-100/
> -issuer ...
> Error creating connect BIO
> 140416130504448:erro