2
0

fips.cnf 474 B

12345678910111213141516171819
  1. openssl_conf = openssl_init
  2. # Comment out the next line to ignore configuration errors
  3. config_diagnostics = 1
  4. .include fipsmodule.cnf
  5. [openssl_init]
  6. providers = provider_sect
  7. alg_section = evp_properties
  8. [evp_properties]
  9. # Ensure FIPS non-approved algorithms in the FIPS module are suppressed (e.g.
  10. # TEST-RAND). This also means that EVP_default_properties_is_fips_enabled()
  11. # returns the expected value
  12. default_properties = "fips=yes"
  13. [provider_sect]
  14. fips = fips_sect