<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hello<br><br> I think there is a bit of confusion within my company on what stunnel can do in regards to FIPS 140-2 out of the box. I know there are configuration options that can enable or disable FIPS 140-2 mode, but as the man page indicates<br><br><dl><dt><strong><a name="fips_yes_no" class="item"><strong>fips</strong> = yes | no</a></strong></dt><dd>
Enable or disable FIPS 140-2 mode.<BR>
This option allows to disable entering FIPS mode if stunnel was compiled with
FIPS 140-2 support.<BR>
default: yes<BR></dd></dl>Which to me says I have to compile stunnel on my own using openssl with fips libraries to build a Stunnel binary that can support FIPS 140-2 compliance -- if I download just the windows or unix binaries and install them -- then I am not going to be 140-2 compliant where I set the config file to yes or no , since the FIPS modules wont be compiled into the binary.<BR><br><BR>I'm just looking for confirmation before I take this back to the rest of my group. <br><BR><br><BR>Thanks!!<BR><br><BR>Michael Curran<br><BR><br> </div></body>
</html>