I'm in the process of incorporating FIPS enabled OpenSSL into an application when I realized that by default the FIPS module is built by dynamically linking the C runtime, not statically linking. In my case, for Windows using Microsoft Visual Studio it uses the /MD option, instead of /MT. This is problematic because my application can't guarantee that the Microsoft C runtime has been installed (by running vcredist_x86.exe) before my apps runs. Currently I statically link the C runtime in many of my DLLs.
I realize that there are a limited number of things I can do while building the FIPS module before it is no longer within the FIPS validation specification. Can I use /MT (i.e. statically link the C runtime), instead of /MD and still be OK? Thanks in advance, LM ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
