Hi, I have couple of queries pertaining to what it means by violating OpenSSL FIPS Security Policy.
We recently moved to FIPS enabled OpenSSL successfully. My concern is whether certificates generated by earlier versions of our product, which used non-FIPS enabled OpenSSL, can be used in FIPS enabled environment? I did not see any error while using the certificates generated in non-FIPS mode just that I am not able to create new certificates using a root certificate generated in non-FIPS mode. Assuming that new certificate generation is not required, will it violate security policy if we use certificates generated in non-FIPS mode? Thanks, Vivek ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
