See http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslfips for using the OpenSSL fipscontainer with apache. From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of security veteran Sent: Monday, January 18, 2016 9:21 PM To: openssl-users at openssl.org Subject: Apache (2.x) server and OpenSSL FIPS modules Hi, We will be using OpenSSL FIPS modules on our Linux server and was wondering if we need to do any work on the Apache server in order to make it working seamlessly with OpenSSL when the FIPS mode is enabled. My questions are: 1) How to make Apache server enable the FIPS mode on OpenSSL? My understanding is, for each application which need use OpenSSL FIPS mode, the application need to invoke the FIPS_mode_set () API. In that case how do we make Apache to invoke this API? Is that a configuration changes or does it require to rebuild Apache server? 2) If Apache is enabled with FIPS module, does it mean all the Apache processes (when invoking crypto functions from OpenSSL) will be operating with the OpenSSL FIPS mode? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160121/e339f736/attachment.html>
