> It compiles without errors. When I try to enable FIPS mode, I get this > output: > > arm:~/nitere/new$ ./fipsctl set 1 > *** Enabling FIPS module. *** > *** Failed to enable FIPS module. *** > error:00000000:lib(0):func(0):reason(0) > > But FIPS is still disabled: > > arm:~/nitere/new$ ./fipsctl get > *** FIPS module is disabled. *** > > Does somebody knows what is wrong? Just a guess, but it looks like ERR_get_error() is returning the result of loading the error strings. If FIPS_mode_set fails, then grab ERR_get_error() immediately and ouput it in hex. With the hex error code, you can: $ openssl errstr 0x060800A3 error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips Jeff