Hello, unfortunately it is not possible to validate a statically linked FIPS provider in OpenSSL 3.0. The FIPS provider is always a separate shared library module that is loaded at runtime. Tomas Mraz, OpenSSL On Thu, 2024-01-18 at 00:04 +0000, Prajeed Chathuar via openssl-users wrote: > > Hi team, > > > > In one of our product, we consumes the OPENSSL static libraries and > make the use of FIPSLD to make the complete application/DLL FIPS > validated module. > > > > In a process of migrating the OPENSSL v1.0.2 to v3.0.8, I couldn't > find any replacement for FIPSLD script used in previous version. > > > > I did go through the FIPS provider concept and the steps for making > FIP validated OPENSSL libraries, but couldn't find any ways for > making the application/DLL FIPS validated while using the OPENSSL > static library. > > > > Please let me know if there are any other ways to make > application/DLL(by using the OPENSSL static libraries) FIPS > validated, other than using the FIPS validated OPENSSL dynamic > libraries. > > > > Regards, > > Prajeed -- Tomáš Mráz, OpenSSL
