I'm working on a Windows Program that utilizes the OpenSSL libraries and DLLs. I'm looking to enable FIPS in some cases (where it is required by the user). Currently, I'm looking at restarting the program when the FIPS mode is changed and changing the loaded
provider.
I've compiled and installed OpenSSL 3.1 with the enable-fips option, run the fips install, generated the .cnf file, and copied the FIPS module along with the .cnf to my program I'm following the code provided at
https://wiki.openssl.org/index.php/OpenSSL_3.0
under the
Programmatically loading the FIPS module (default library context) heading. I'm not able to load the FIPS module, the provider value is null.
Is there anything I'm missing here or pointers to reference material folks can provide me?
As a side not I'm wondering if anyone has tips for running the fips-install command on each client as it seems we can't copy config files between machines.
