Wed Feb 17 16:47:03 UTC 2021

You may have not run the openssl fipsinstall command.  

You should be able to perform ‘make install_fips’ after you do a make install. Then check your openssl.conf file and make sure it has the proper fipsmodule.cnf filename and loads the providers you want.

> On Feb 17, 2021, at 10:26 AM, Nagarjun J <1nagarjun1 at gmail.com> wrote:
> 
> Hi,
> 
> I am building Nginx application with openssl-3.0.0, i have added below code in main function of nginx application to load fips provider,
> 
>   OSSL_PROVIDER *fips;
>        OSSL_PROVIDER *base;
> 
>        fips = OSSL_PROVIDER_load(NULL, "fips");
>        if (fips == NULL) {
>            printf("Failed to load FIPS provider\n");
>            exit(EXIT_FAILURE);
>        }
>        base = OSSL_PROVIDER_load(NULL, "base");
>        if (base == NULL) {
>            OSSL_PROVIDER_unload(fips);
>            printf("Failed to load base provider\n");
>            exit(EXIT_FAILURE);
>        }
> 
> but when I start the application it's giving Failed to load FIPS provider error , with initial debugging I found SELF_TEST_post is failing in below code st->module_checksum_data in null and returning  error.
> 
>     if (st == NULL
>             || st->module_checksum_data == NULL) {
>         ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_CONFIG_DATA);
>         goto end;
>     }
> 
> Anything I am missing here?
> 
> Regards,
> Nagarjun
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210217/c7742476/attachment.html>