Re: [stunnel-users] stunnel-users Digest, Vol 176, Issue 3
FIPS in stunnel and OpenSSL The actual cause of the problem is OpenSSL v1.1.x does not support FIPS engine and as such, you can only use a FIPS Compliant cipher until FIPS is recertified as I understand it Andruw Smalley Loadbalancer.org Ltd. www.loadbalancer.org +1 888 867 9504 / +44 (0)330 380 1064 asmalley@loadbalancer.org Leave a Review | Deployment Guides | Blog Andruw Smalley Loadbalancer.org Ltd. www.loadbalancer.org +1 888 867 9504 / +44 (0)330 380 1064 asmalley@loadbalancer.org Leave a Review | Deployment Guides | Blog On Mon, 4 Mar 2019 at 16:20, <stunnel-users-request@stunnel.org> wrote:
Send stunnel-users mailing list submissions to stunnel-users@stunnel.org
To subscribe or unsubscribe via the World Wide Web, visit https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users or, via email, send a message with subject or body 'help' to stunnel-users-request@stunnel.org
You can reach the person managing the list at stunnel-users-owner@stunnel.org
When replying, please edit your Subject line so it is more specific than "Re: Contents of stunnel-users digest..."
Today's Topics:
1. FIPS mode not supported (Yan Renelt) 2. Re: FIPS mode not supported (mlrx) 3. Re: FIPS mode not supported (Flo Rance)
----------------------------------------------------------------------
Message: 1 Date: Mon, 4 Mar 2019 16:14:47 +0100 From: Yan Renelt <reneltyan@gmail.com> To: stunnel-users@stunnel.org Subject: [stunnel-users] FIPS mode not supported Message-ID: <3F804E14-5218-42A5-9850-7AEBC0EF8F96@gmail.com> Content-Type: text/plain; charset="utf-8"
Hi,
my config is cert = stunnel.pem socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 debug = 7
fips = yes
[Demo-Trading] client = yes accept = 127.0.0.1:40001 connect = fix-order.london-demo.lmax.com:443 sslVersion = TLSv1 options = NO_SSLv2 options = NO_SSLv3
[Demo ñ Market Data] client = yes accept = 127.0.0.1:40003 connect = fix-marketdata.london-demo.lmax.com:443 sslVersion = TLSv1 options = NO_SSLv2 options = NO_SSLv3
and I still receiving this error.
FIPS_mode_set: F06D065: error:0F06D065:common libcrypto routines:FIPS_mode_set:fips mode not supported
Any suggestions? Fips = no is not an option for me.
Thanks
Yan
participants (1)
-
Andrew Smalley