<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 04/12/2017 05:54 AM, dipakgaigole wrote:<br>
<blockquote
cite="mid:20170412105428.2021.qmail@f4mail-235-235.rediffmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
Hi,<br>
<br>
I have a windows multi-threaded SSL server application which
handles each client request in a new thread. The Server handles
different types of requests. One of the request type is like “send
file” where server thread has to read a file from local filesystem
and send the content to the client.<br>
Server configurations:<br>
FIPS: Enabled<br>
SSL Protocol: TLSv1.2<br>
Cipher: AES256-SHA<br>
</blockquote>
<br>
The OpenSSL PRNG story is currently not so great, yes.<br>
But maybe you should try without FIPS, and also with a different
cipher? AES256-SHA is both CBC and SHA1, neither of which is really
a current best practice.<br>
<br>
-Ben<br>
</body>
</html>