OpenSSL 3.0 FIPS questions

Jason Schultz jetson23 at
Sun Oct 24 19:23:34 UTC 2021

Thank you for your response. I think all of that makes sense, and seems to accomplish what I want programmatically, limiting it to my application. I guess the only question I have is what about the config files? Should they remain as they were installed, or do I need to provide sections for fips, base, default, etc?



From: openssl-users <openssl-users-bounces at> on behalf of Dr Paul Dale <pauli at>
Sent: Sunday, October 24, 2021 12:28 AM
To: openssl-users at <openssl-users at>
Subject: Re: OpenSSL 3.0 FIPS questions

Oops, the second time this occurs "defp = OSSL_PROVIDER_load(non_fips_libctx, "default");" it should be "defp = OSSL_PROVIDER_load(NULL, "default");"


On 24/10/21 10:06 am, Dr Paul Dale wrote:
defp = OSSL_PROVIDER_load(non_fips_libctx, "default");

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list