On 04/12/2017 05:54 AM, dipakgaigole wrote:
Hi,
I have a windows multi-threaded SSL server application which
handles each client request in a new thread. The Server handles
different types of requests. One of the request type is like “send
file” where server thread has to read a file from local filesystem
and send the content to the client.
Server configurations:
FIPS: Enabled
SSL Protocol: TLSv1.2
Cipher: AES256-SHA
The OpenSSL PRNG story is currently not so great, yes.
But maybe you should try without FIPS, and also with a different
cipher? AES256-SHA is both CBC and SHA1, neither of which is really
a current best practice.
-Ben
|
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
