[stunnel-users] FIPS enablement
mike_curran at hotmail.com
Mon Nov 5 22:18:49 CET 2012
I think there is a bit of confusion within my company on what stunnel can do in regards to FIPS 140-2 out of the box. I know there are configuration options that can enable or disable FIPS 140-2 mode, but as the man page indicates
fips = yes | no
Enable or disable FIPS 140-2 mode.
This option allows to disable entering FIPS mode if stunnel was compiled with
FIPS 140-2 support.
default: yesWhich to me says I have to compile stunnel on my own using openssl with fips libraries to build a Stunnel binary that can support FIPS 140-2 compliance -- if I download just the windows or unix binaries and install them -- then I am not going to be 140-2 compliant where I set the config file to yes or no , since the FIPS modules wont be compiled into the binary.
I'm just looking for confirmation before I take this back to the rest of my group.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the stunnel-users