Subject: | |
From: | |
Reply To: | |
Date: | Tue, 27 Jun 2006 11:17:28 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On 6/27/06, John W. Hill <[log in to unmask]> wrote:
> I'm running SL_4.2 and I am required by my employer to begin using
> OpenSSL-fips-2.0 within a few weeks. I don't have a problem building and
> installing from the source, however, I'm not sure what other
> applications I will break once the new openssl takes over.What do I do
> with the existing OpenSSL, leave it, remove it? I'm also running SSH
> and VSFTPD on this server. Any recommendations on how best to approach
> this? Thanks.
>
There are several factors driving towards using FIPS SSL. If you are
supposed to use it in your project and that alone then you could
install it in /usr/local and use that for your development. If your
parent agency is needing FIPS compliant for all of its computers then
you will need to do a large rebuilding process for all applications
that link to the SSL libraries.
Basically, you could build a new FIPS openssl rpm and then rebuild the
following packages:
NetworkManager-0:0.3.1-3.i386
xmlsec1-openssl-0:1.2.6-3.i386
perl-Crypt-SSLeay-0:0.51-5.i386
kdelibs-6:3.3.1-3.14.i386
crypto-utils-0:2.1-4.i386
openssl-devel-0:0.9.7a-43.8.i386
mod_ssl-1:2.0.52-22.ent.i386
authd-0:1.4.3-2.i386
libpcap-14:0.8.3-10.RHEL4.i386
openldap-servers-0:2.2.13-4.i386
xmlsec1-openssl-devel-0:1.2.6-3.i386
sendmail-0:8.13.1-2.i386
dovecot-0:0.99.11-2.EL4.1.i386
tog-pegasus-1:2.4.1-4.4.rhel4.i386
exim-0:4.43-1.RHEL4.5.i386
curl-0:7.12.1-8.rhel4.i386
openssl-perl-0:0.9.7a-43.8.i386
postfix-2:2.1.5-4.2.RHEL4.i386
> John
>
> --
> +-----------------------------------+
> + John W. Hill, Electronic Engineer +
> + NOAA Aircraft Operations Center +
> + Science and Engineering Division +
> + MacDill AFB, FL 33608 +
> + +
> + Office: 813.828.3310 x3108 +
> + Cell: 813.833.8518 +
> + FAX: 813.828.5061 +
> +-----------------------------------+
>
>
>
>
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
|
|
|