[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[monit-dev] [PATCH] add support for FIPS-140 mode when available in Open
From: |
Lior Okman |
Subject: |
[monit-dev] [PATCH] add support for FIPS-140 mode when available in OpenSSL |
Date: |
Thu, 22 Jul 2010 17:35:16 +0300 |
Hi all,
Please find attached a patch to add support for enabling FIPS-140 mode in Monit.
This requires an OpenSSL installation that supports FIPS-140 (see
http://openssl.org/docs/fips/ for details).
The patch does the following:
1. Add a global "set fips" directive to enable FIPS-140 mode.
2. Force using TLSv1 instead of SSLv23 (as per FIPS-140 requirements)
3. Disable the certmd5 option when in FIPS mode since md5 is not
available when in FIPS-140 mode.
Regards,
Lior Okman
monit-fips.diff
Description: Text Data
- [monit-dev] [PATCH] add support for FIPS-140 mode when available in OpenSSL,
Lior Okman <=