[stunnel-users] stunnel FIPS mode 140-2/ Other Modes

mehmet ozisik mehmetzsk at gmail.com
Mon Jun 24 16:07:21 CEST 2013

Hi All,

I would like to ask a question about stunnel fips mode. There are lots of
question and answers on the internet related with this, but I could not
find any answer related with mine.
I am compiling with openssl (auto detecting fips) . Here is a part of
confgiure output :

checking for FIPS_mode_set... yes
configure: FIPS mode detected

So I am thinking that fips also is being included.
Then I try to run stunnel on target platform (in stunnel.conf fips=yes)
and it gives below error :

Compiled/running with OpenSSL 0.9.8w-fips 23 Apr 2012
Reading configuration from file stunnel.conf
FIPS_mode_set: 2D06906E: error:2D06906E:FIPS
routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match

there are lots of information about this errror on internet.
Then when I configure stunnel.conf with fips=no, stunnel is running

I know that fips=yes means that enables FIPS 140-2 mode and I guess my fips
canister does not supoort fips 140-2 mode (I do not know which fips mode it
has supported).
Now my question is coming :

When I set fips=no, stunnel also starts with other available fips modes
which the canister included?
Or it skips running fips mode completely?

Plase inform me if anyone has any idea?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20130624/29d81408/attachment.html>

More information about the stunnel-users mailing list