FIPS in stunnel and OpenSSL
The actual cause of the problem is that OpenSSL v1.1.x does not support the FIPS engine and, as such, you can only use a FIPS-compliant cipher until FIPS is recertified, as I understand it.
Andruw Smalley
Loadbalancer.org Ltd.
www.loadbalancer.org +1 888 867 9504 / +44 (0)330 380 1064 asmalley@loadbalancer.org
Leave a Review | Deployment Guides | Blog
On Mon, 4 Mar 2019 at 16:20, stunnel-users-request@stunnel.org wrote:
Today's Topics:
- FIPS mode not supported (Yan Renelt)
- Re: FIPS mode not supported (mlrx)
- Re: FIPS mode not supported (Flo Rance)
Message: 1
Date: Mon, 4 Mar 2019 16:14:47 +0100
From: Yan Renelt reneltyan@gmail.com
To: stunnel-users@stunnel.org
Subject: [stunnel-users] FIPS mode not supported
Message-ID: 3F804E14-5218-42A5-9850-7AEBC0EF8F96@gmail.com
Content-Type: text/plain; charset="utf-8"
Hi,
my config is

cert = stunnel.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7

fips = yes

[Demo-Trading]
client = yes
accept = 127.0.0.1:40001
connect = fix-order.london-demo.lmax.com:443
sslVersion = TLSv1
options = NO_SSLv2
options = NO_SSLv3

[Demo – Market Data]
client = yes
accept = 127.0.0.1:40003
connect = fix-marketdata.london-demo.lmax.com:443
sslVersion = TLSv1
options = NO_SSLv2
options = NO_SSLv3
and I am still receiving this error.
FIPS_mode_set: F06D065: error:0F06D065:common libcrypto routines:FIPS_mode_set:fips mode not supported
Any suggestions? Fips = no is not an option for me.
Thanks
Yan
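
Added example, not part of the original thread or of stunnel itself: a small triage helper that unpacks the error code in the log line above using the pre-3.0 OpenSSL layout (8-bit library, 12-bit function, 12-bit reason) and confirms that the global `fips = yes` option is what triggered it. The function names, the lookup tables and the trimmed sample configuration are illustrative assumptions.

```python
import re

# Pre-3.0 OpenSSL packs an error code as lib (8 bits) | func (12 bits) | reason (12 bits).
# Only the constants needed for this one error are listed.
LIBS = {0x0F: "ERR_LIB_CRYPTO"}
REASONS = {(0x0F, 101): "CRYPTO_R_FIPS_MODE_NOT_SUPPORTED"}

# Sample input built from the message above (config trimmed to one service).
CONF = """cert = stunnel.pem
debug = 7
fips = yes
[Demo-Trading]
client = yes
sslVersion = TLSv1
"""
LOG = ("FIPS_mode_set: F06D065: error:0F06D065:common libcrypto routines:"
       "FIPS_mode_set:fips mode not supported")

def decode_error(line):
    """Unpack the 'error:XXXXXXXX:' code found in an OpenSSL/stunnel log line."""
    m = re.search(r"error:([0-9A-Fa-f]{8}):", line)
    if not m:
        return None
    code = int(m.group(1), 16)
    lib, func, reason = (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF
    return {"lib": lib, "func": func, "reason": reason,
            "lib_name": LIBS.get(lib), "reason_name": REASONS.get((lib, reason))}

def global_options(conf_text):
    """Collect options that appear before the first [service] section."""
    opts = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        if line.startswith("["):
            break
        key, _, value = line.partition("=")
        # Keys are compared case-insensitively here (an assumption of this helper).
        opts[key.strip().lower()] = value.strip()
    return opts

def fips_requested_but_unsupported(conf_text, log_line):
    """True when fips = yes is set globally and libcrypto reports no FIPS support."""
    err = decode_error(log_line)
    wants_fips = global_options(conf_text).get("fips", "no").lower() == "yes"
    return bool(wants_fips and err
                and err["reason_name"] == "CRYPTO_R_FIPS_MODE_NOT_SUPPORTED")
```

A `True` result means the linked libcrypto was built without a FIPS module, so the fix lies in the OpenSSL build stunnel is linked against rather than in the service sections.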