On 04/12/2017 05:54 AM, dipakgaigole wrote: > Hi, > > I have a windows multi-threaded SSL server application which handles > each client request in a new thread. The Server handles different > types of requests. One of the request type is like “send file” where > server thread has to read a file from local filesystem and send the > content to the client. > Server configurations: > FIPS: Enabled > SSL Protocol: TLSv1.2 > Cipher: AES256-SHA
The OpenSSL PRNG story is currently not so great, yes. But maybe you should try without FIPS, and also with a different cipher? AES256-SHA is both CBC and SHA1, neither of which is really a current best practice. -Ben
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
