All; I'm working with PosgreSQL in a DoD environment and am supposed to enforce FIPS operation. PostgreSQL doesn't perform a call to FIP_mode_set() but does provide a configuration item 'ssl_ciphers'. Is there more to FIPS_mode than I am aware of or would it be functionally equivalent to simply set my ciphers to something like 'FIPS:!aNULL:!eNULL'? As a semi-related question, would a non-FIPS OpenSSL installation still enforce the same cipher suites but just not be 'officially' validated? Thanks! -LJK -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160204/975db552/attachment.html>
