On Tue, Jul 18, 2023 at 12:48 AM Dr Paul Dale <pauli@xxxxxxxxxxx> wrote: > > Also note that no OpenSSL version 1.1.Z was ever (& never will be) FIPS validated by the project. > > FIPS validations are expensive, we cannot validate each and ever version. > > However, we do ensure compatibility between released versions and validated FIPS providers. For example, you can use the 3.0.0 FIPS provider with OpenSSL 3.1.1. This does mean you might have to build twice -- once to get the provider and once for OpenSSL. The instructions are in the README.FIP file. > > > Pauli I see. Thanks for explaining the context. I can also see the steps to use the 3.0.0 FIPS provider with OpenSSL 3.1 on the document that you mentioned. https://github.com/openssl/openssl/blob/master/README-FIPS.md#installing-the-fips-provider-and-using-it-with-the-latest-release Jun
