The version "1.0.0-fips" indicates a build of OpenSSL that used both the 1.0.0 source and one (can't tell which) of the openssl-fips source packages.
If you're seeing that version number printed out by the "openssl" command on your system you probably need to get the source from the operating system vendor, for example the source RPM if you are on some version of Red Hat Enterprise Linux. Andrew From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of A sunil kumar Sent: Tuesday, November 11, 2014 11:23 AM To: openssl-users@openssl.org Subject: OpenSSL 1.0.0-fips 29 Mar 2010 I am looking for the tarball OpenSSL 1.0.0-fips 29 Mar 2010. But in http://www.openssl.org/source/ i dont see this version. Rather i see Mar 29 15:24:59 2010 openssl-1.0.0.tar.gz (MD5) (SHA1) (PGP sign). Can someone please confirm whether these 2 versions are same, else if is there any other link where can i find OpenSSL 1.0.0-fips 29 Mar 2010? I have posted it in the google group, but i havent received any reponse. can someone please help with the info. Thanks Sunil
