I apologize if this was asked in the past. I couldn't find any references to my question in the lists except this (related but not answering the question): http://www.stunnel.org/pipermail/stunnel-users/2014-July/004673.html http://www.stunnel.org/pipermail/stunnel-users/2012-November/003963.html
I understand how to compile Stunnel from source, and the FIPS canister for OpenSSL, then build OpenSSL with this FIPS canister, then build Stunnel using that OpenSSL. My question is for the Windows version with filename "stunnel-5.13-installer.exe". That compiled version doesn't seem to be built with FIPS canister, as the log shows: "Compiled/running with OpenSSL 1.0.2a 19 Mar 2015" without a "-fips" appendage after the OpenSSL version. In other words, if it was built as FIPS-compliant, it would show: "Compiled/running with OpenSSL 1.0.2a-fips 19 Mar 2015"
It may support the FIPS options (in the config file) but it's not FIPS-compliant. I also assume that this doesn't preclude the FIPS options in the config file from working. Specifically, FIPS-compliant does NOT imply that FIPS mode cannot be enabled. Am I understanding this correctly?
Thanks, -Rob