[openssl-users] FIPS mode on Windows

Hubert Kario hkario at redhat.com
Mon Sep 10 11:26:25 UTC 2018

On Friday, 7 September 2018 20:18:38 CEST Alessandro Gherardi wrote:
> I'm running Windows 10.
> I downloaded the FIPS module sources
> from https://www.openssl.org/source/openssl-fips-2.0.16.tar.gz and the
> OpenSSL sources from https://www.openssl.org/source/openssl-1.0.2p.tar.gz .
> I built both FIPS module and OpenSSL (following the instructions
> at https://www.openssl.org/docs/fips/UserGuide-2.0.pdf to make sure OpenSSL
> uses the FIPS module) using Visual Studio.

then that does sound like it does match the policy

>  > But please note that's not the only openssl FIPS module in existence
> I wasn't aware that other OpenSSL FIPS modules exist. Are those modules also
> opensource? Are they all FIPS-certified? Do you have a recommendation for
> which one is the "best" to use?

the one we use in RHEL packages is different, and it is, of course, open 

I wouldn't say that there is a "best" one, if it does match your requirements, 
it should be good enough.
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180910/6d74bdc5/attachment.sig>

More information about the openssl-users mailing list