On Wed, Mar 11, 2009, Jeremy Regan wrote:
> Hello,
>
> I was able to build the FIPS 1.2 software successfully using
>
> ./config --prefix=/apps/fips_build/fips-1.2-install fipscanisterbuild
> no-asm
> make
> make install
>
> then I built openssl-0.9.8j using the very standard options and tellin
Thank you for your valuable advice. I have determined the root problem
and I believe it is important to inform you of the result.
In building the fips-1.2 source, I found that if I did it vanilla, it
would choose 64 bit object mode. The AIX machine we are using is
running in mixed-kernel mode
> The end result is that I had to change the makefile to -q32 to get
> it to work with the openssl-0.9.8j distribution, which smartly does
> use 32_64 mode and will FAIL if I did not change the fips-1.2 makefile.
This violates the security policy and invalides the FIPS certification. You
cannot c
Jeremy Regan wrote:
Hello,
I was able to build the FIPS 1.2 software successfully using
./config --prefix=/apps/fips_build/fips-1.2-install fipscanisterbuild
no-asm
make
make install
Standard nag: you built it successfully in the sense that it compiled
and linked without error, but you can
This is the build script i have used to build the openssl fips 1.2 and
openssl 9.8j . try this and let me know if this help you.
#!/bin/ksh
SOURCEDIR=$(pwd)
SOURCE0=$SOURCEDIR/openssl-fips-1.2.tar.gz
SOURCE1=$SOURCEDIR/openssl-0.9.8j.tar.gz
function openssl_fips_workaround_object_
Thank you all again for your valuable information. I have been working
with our system administrators on the point of running make install with
sudo privileges, they are recalcitrant in allowing me to put software
into the machine that I cannot give them exact instructions on how to
build on th
