Last week I posted a message that I had problem with FIPS enabled openssl and httpd v2.4.3. I did a little bit test today and here is what I found. The original key and certificate was generated by openssl without FIPS enabled and the key was encrypted by AES 256. When I started httpd, it prompted me for the pass phrase. I typed in correct pass phrase but it kept prompting me that the pass phrase is not correct. If I disable FIPS for the mod_ssl, I don't have problem to provide the same pass phrase and start httpd.

I striped out the pass phrase from the original private key without any other changes and I can start httpd with FIPS enabled mod_ssl no problem.

I recreated private key with AES 256 encrypted and a pass phrase (I have to provide a pass phrase) with FIPS enabled OpenSSL (v1.0.1c) and regenerated the certificate from my CA.

When I started httpd, I got pass phrase prompt and I provided the correct pass phrase and it says the pass phrase is incorrect.

My question is whether FIPS enabled mod_ssl supports pass phrase? It seems to me it does not. Thanks.

Ryan Jiang

This message (including any attachments) is intended
solely for the specific individual(s) or entity(ies) named
above, and may contain legally privileged and
confidential information. If you are not the intended
recipient, please notify the sender immediately by
replying to this message and then delete it.
Any disclosure, copying, or distribution of this message,
or the taking of any action based on it, by other than the
intended recipient, is strictly prohibited.

To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 1 of 1 | next ›
Discussion Overview
groupusers @
postedAug 29, '12 at 7:46p
activeAug 29, '12 at 7:46p

1 user in discussion

Ruiyuan Jiang: 1 post



site design / logo © 2022 Grokbase