On 10/13/19 5:22 AM, Mark Hatle wrote:
The original goal of this work was to enable a FIPS-140-2 OpenSSL module. Why
is NSS part of this?
Is something inside of the OpenSSL patches requesting NSS support, or is this a
different -- but related request?
No, there is no relation between openssl
The original goal of this work was to enable a FIPS-140-2 OpenSSL module. Why
is NSS part of this?
Is something inside of the OpenSSL patches requesting NSS support, or is this a
different -- but related request?
--Mark
On 10/12/19 3:17 AM, Hongxu Jia wrote:
> Add export NSS_FORCE_FIPS=1 to
Add export NSS_FORCE_FIPS=1 to force enable fips, and add the same
macro limitaition to fips enable test, currently we are not ready
to support nss fips
...
$ certutil -N -d sql:. --empty-password
|certutil: function failed: SEC_ERROR_PKCS11_DEVICE_ERROR: A PKCS #11
module returned