tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Tomcat, OpenSSL and FIPS
Date Sun, 30 Jan 2011 14:20:23 GMT

On 1/27/2011 3:54 PM, Chris Beckey wrote:
> Chris,
>   To set some context, I posted on the tomcat users list serve a question about running
OpenSSL in FIPS mode under Tomcat.
>   The last communication was that you may investigate an enhancement.
>   Since then, one of my co-workers took on the C coding side and I took on the Java side.
 I believe that we have it running now but I still have testing to complete before I'd call
it stable
>   As you may know the FIPS compliant version of OpenSSL is not the current version. 
What we have running is:
>   Tomcat V 6.0.20
>   OpenSSL FIPS module V 1.2.2
>   Open SSL V 0.9.6q
>   tcnative V 1.1.20
>   APR V 1.4.2
>   I have found that the versions used are critical, these were the newest versions of
the libraries I could get to work together, with the exception of Tomcat itself.   Usage of
6.0.20 is simply because that is what our application is to be released on.
>   Anyway, the point of this email is to inquire whether you would like the code for integration
back into the code base?  I also have a fairly detailed list of steps used to do the build(s).

Absolutely! Please post patches to the existing bugzilla entry and they
will be reviewed by the team.

In the future, it would be better to post this kind of thing to the
tomcat-dev mailing list (cc'd here).


View raw message