I see that CentOS does not provide the FIPS140-2 package for openSSL. I don't know if RH provides it or not. Can someone advise me on the best way to get it onto a CentOS or RHEL system, without breaking things? I'd also appreciate ANY related wisdom that's available, having pretty much NO wisdom of my own. thanks! Fred -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- "And he will be called Wonderful Counselor, Mighty God, Everlasting Father, Prince of Peace. Of the increase of his government there will be no end. He will reign on David's throne and over his kingdom, establishing and upholding it with justice and righteousness from that time on and forever." ------------------------------- Isaiah 9:7 (niv) ------------------------------
On 10/20/2015 12:55 PM, Fred Smith wrote:> > I see that CentOS does not provide the FIPS140-2 package for openSSL. I don't > know if RH provides it or not. > > Can someone advise me on the best way to get it onto a CentOS or RHEL system, > without breaking things? > > I'd also appreciate ANY related wisdom that's available, having pretty much > NO wisdom of my own. > > thanks! > > Fred >Here is how one makes RHEL-6 FIPS compliant: http://red.ht/1B85clS And for RHEL7: http://red.ht/1MSuL3y The CentOS Project does not certify that CentOS Linux is FIPS (or anything else) compliant, although those steps may also be completed on CentOS Linux. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20151020/c359f0bf/attachment-0001.sig>
On Tue, Oct 20, 2015 at 01:28:22PM -0500, Johnny Hughes wrote:> On 10/20/2015 12:55 PM, Fred Smith wrote: > > > > I see that CentOS does not provide the FIPS140-2 package for openSSL. I don't > > know if RH provides it or not. > > > > Can someone advise me on the best way to get it onto a CentOS or RHEL system, > > without breaking things? > > > > I'd also appreciate ANY related wisdom that's available, having pretty much > > NO wisdom of my own. > > > > thanks! > > > > Fred > > > > > Here is how one makes RHEL-6 FIPS compliant: > > http://red.ht/1B85clS > > And for RHEL7: > > http://red.ht/1MSuL3y > > The CentOS Project does not certify that CentOS Linux is FIPS (or > anything else) compliant, although those steps may also be completed on > CentOS Linux. >thanks, Johnny! I've seen the el6 document, but hadn't yet unearthed the EL7 done. -- ---- Fred Smith -- fredex at fcshome.stoneham.ma.us ----------------------------- "And he will be called Wonderful Counselor, Mighty God, Everlasting Father, Prince of Peace. Of the increase of his government there will be no end. He will reign on David's throne and over his kingdom, establishing and upholding it with justice and righteousness from that time on and forever." ------------------------------- Isaiah 9:7 (niv) ------------------------------
Possibly Parallel Threads
- openssl with FIPS140-2 ??
- Is samba FIPS compliant ? Can it be build with openssl ?
- Is samba FIPS compliant ? Can it be build with openssl ?
- building openssh with openssl-fips: cygwin can't find libcrypto
- [Bug 1987] New: FIPS signature verification incompatibility with openssl versions > 0.9.8q