Re: Certificate authority changes with OpenSSL

2022-03-17 Thread Viktor Dukhovni
On Thu, Mar 17, 2022 at 07:51:43PM +0100, egoitz--- via openssl-users wrote: > I think that is the problem, the sha1. That's the specific issue being reported. > So... I have built Openssl 3.0.2 There's no reason for OpenSSL 3.0.2, that might just tighten the restrictions further. OpenSSL 1.0.

RE: Certificate authority changes with OpenSSL

2022-03-17 Thread Michael Wojcik
> From: openssl-users On Behalf Of > egoitz--- via openssl-users > Sent: Thursday, 17 March, 2022 12:52 > 1 - Is it possible to update a whole CA with 2048 bit public and private keys > (I used in req section of openssl.conf, the default_bits to 2048) to a > Signature > algorithm that don't bot

Certificate authority changes with OpenSSL

2022-03-17 Thread egoitz--- via openssl-users
Good morning, We are running our own home ca, for generating certificates for our backup system. The new operating systems being recently backed up, have started saying: _OPENSSL.C:67-0 JCR=0 ERROR LOADING CERTIFICATE FILE: ERR=ERROR:140AB18E:SSL ROUTINES:SSL_CTX_USE_CERTIFICATE:CA MD TOO WEAK

Re: run-checker NO DGRAM and test cases

2022-03-17 Thread Tomas Mraz
On Thu, 2022-03-17 at 10:17 -0400, Michael Richardson wrote: > > Tomas Mraz wrote: >     >> I figured out that this means that ./Configure should have > "no-dgram" >     >> appended to it.  That seems to result in OPENSSL_NO_DGRAM > being >     >> defined. >     >> >     >> My test case naturally

Re: run-checker NO DGRAM and test cases

2022-03-17 Thread Michael Richardson
Tomas Mraz wrote: >> I figured out that this means that ./Configure should have "no-dgram" >> appended to it.  That seems to result in OPENSSL_NO_DGRAM being >> defined. >> >> My test case naturally does not compile for that. >> >> Should my test case just be surrounde

Re: run-checker NO DGRAM and test cases

2022-03-17 Thread Tomas Mraz
On Wed, 2022-03-16 at 16:20 -0400, Michael Richardson wrote: > > One of the run checkers is marked "no dgram". >   > https://github.com/mcr/openssl/runs/5563998914?check_suite_focus=true > > I figured out that this means that ./Configure should have "no-dgram" > appended to it.  That seems to res

run-checker NO DGRAM and test cases

2022-03-17 Thread Michael Richardson
One of the run checkers is marked "no dgram". https://github.com/mcr/openssl/runs/5563998914?check_suite_focus=true I figured out that this means that ./Configure should have "no-dgram" appended to it. That seems to result in OPENSSL_NO_DGRAM being defined. My test case naturally does not com

Re: TLS KDF and SSH KDF in openssl 1.0.2 (FIPS 140-3)

2022-03-17 Thread Dr Paul Dale
Good luck, the 2.0.16 FOM is nowhere near being 140-3 ready. The Oracle version is much closer but still not quite there: https://github.com/oracle/solaris-openssl-fips Pauli On 17/3/22 19:19, Dhananjay kumar wrote: Hi All, We are looking to go through FIPS 140-3 certification for one of ou

TLS KDF and SSH KDF in openssl 1.0.2 (FIPS 140-3)

2022-03-17 Thread Dhananjay kumar
Hi All, We are looking to go through FIPS 140-3 certification for one of our products which still runs on openssl 1.0.2 (fips object module 2.0.16) version due to some software dependencies. In FIPS 140-3, we are asked to explicitly implement KATs (known answer tests) for below algorithms since FIPS_