Hello, A system running in FIPS can have several applications using libssl. openvpn and openswan are two. There can be 3rd party web servers. So on. Is there any 'library magic' these days that would prevent modifying each and every application to add a FIPS_mode_set() call and error handling ? I guess there isn't although I'm not risking anything in asking :) So basically every app that uses libssl will have to be modified to add a FIPS_mode_set() call near the beginning. Is that right ? Thanks for any comments and suggestions ! Regards.
