httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dr Stephen Henson <shen...@opensslfoundation.com>
Subject Re: SSL and Apache Httpd 2.4.7 [was Re: 2.4.8 This Month]
Date Thu, 20 Feb 2014 02:51:09 GMT
On 20/02/2014 02:40, William A. Rowe Jr. wrote:
> First insight, did you ./config openssl, or ./config shared?  It seems near
> impossible to use static openssl.  apr-util configure will fail since pkgconfig
> isn't consulted properly.  httpd configure would also likely fail for redundant
> symbols.
> 

A static OpenSSL FIPS build will also have problems as statically built FIPS
applications need to be linked with fipsld. It will appear to work until you try
to enable FIPS mode and you'll then get a fatal "signature does not match" error.

If you build and install a shared version of the FIPS capable OpenSSL this
shouldn't happen.

Steve.
-- 
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shenson@opensslfoundation.com

Mime
View raw message