The question is: is FIPS mode supposed to be set for compiling openssl,
or for compiling stunnel, or just with OPENSSL_FIPS=1 environment
varilable? In the last case, where to put the export command? (tried
inserting to /etc/init.d/stunnel in vain).
Thanks.
stunnel version:
~> zypper se -is stunnel
Loading repository data...
Reading installed packages...
S | Name | Type | Version | Arch | Repository
--+---------+---------+----------+--------+------------------
i | stunnel | package | 4.56-1.1 | x86_64 | security: stunnel
The error is produced even with a blank configration file (not specifying
any section in [xxx] format):
> cat /var/log/rc.stunnel.log
Clients allowed=500
stunnel 4.56 on x86_64-suse-linux-gnu platform
Compiled/running with OpenSSL 1.0.1e 11 Feb 2013
Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP
Reading configuration from file /etc/stunnel/stunnel.conf
FIPS_mode_set: F06D065: error:0F06D065:common libcrypto
routines:FIPS_mode_set:fips mode not supported
Global options: Failed to initialize SSL
str_stats: 5 block(s), 87 data byte(s), 290 control byte(s)
--
To unsubscribe, e-mail: opensuse-networking+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-networking+owner(a)opensuse.org
