On Fri, Mar 20, 2015, jonetsu wrote: > > > > From: "Dr. Stephen Henson" <steve at openssl.org> > > Date: 03/20/15 12:48 > ? > > ?????OPENSSL_FIPS=1 openssl ciphers -v > > ?????openssl ciphers -v FIPS > > Thanks, this works great, on the workstation where I have installed at default development location /usr/loca/ssl/, using OpenSSL 1.0.1.k.? > > However, we have built Debian packages for the target unit, using 1.0.1e.? While the example fips_hmac runs fine, we have a problem with openssl itself, which seems to be that the openssl shared object is somehow not FIPS enabled, or, is 1.0.1e lacking in any respect to FIPS mode ? : > Some of the apps used to default to SSLv3 if OpenSSL was compiled with no-ssl2. This is fixed in later versions of OpenSSL. Try manually adding the -tls1 option to the ciphers command. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
