[openssl-users] Problem building Linux shared library with static FIPS capable OpenSSL

Nathan Glasser Nathan.Glasser at dialogic.com
Tue May 2 20:30:08 UTC 2017

>Try a shared build of the FIPS capable OpenSSL. You should then get
>fips_premain_dso built as part of that process. Alternatively just do:
>	make fips_premain_dso
>The fips_premain_dso executable isn't anything special: all it does is load
>the library. It should then print out the signature which can then be embedded
>for the second link step.

Thanks, Steve. With your help I was able to get this to work.

It's sort of hokey process - 

1) Run an extra undocumented make step (make fips_premain_dso).
2) Change my target shared library (.so) file to start with "lib".
3) Put the fips_premain_dso program into the directory from which fipsld
   is being run.
4) Rename the target shared library back to its intended name.

But it does work. Problem solved.


More information about the openssl-users mailing list