The question is: is FIPS mode supposed to be set for compiling openssl, or for compiling stunnel, or just with OPENSSL_FIPS=1 environment varilable? In the last case, where to put the export command? (tried inserting to /etc/init.d/stunnel in vain). Thanks. stunnel version: ~> zypper se -is stunnel Loading repository data... Reading installed packages... S | Name | Type | Version | Arch | Repository --+---------+---------+----------+--------+------------------ i | stunnel | package | 4.56-1.1 | x86_64 | security: stunnel The error is produced even with a blank configration file (not specifying any section in [xxx] format):

cat /var/log/rc.stunnel.log Clients allowed=500 stunnel 4.56 on x86_64-suse-linux-gnu platform Compiled/running with OpenSSL 1.0.1e 11 Feb 2013 Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP Reading configuration from file /etc/stunnel/stunnel.conf FIPS_mode_set: F06D065: error:0F06D065:common libcrypto routines:FIPS_mode_set:fips mode not supported Global options: Failed to initialize SSL str_stats: 5 block(s), 87 data byte(s), 290 control byte(s)

-- To unsubscribe, e-mail: opensuse-networking+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-networking+owner@opensuse.org