[prev in list] [next in list] [prev in thread] [next in thread]
List: syslog-ng
Subject: Re: [syslog-ng] Using FIPS complaint OpenSSL with syslog-ng OSE
From: Gergely Nagy <algernon () madhouse-project ! org>
Date: 2015-07-17 8:55:05
Message-ID: 87fv4ni2om.fsf () madhouse-project ! org
[Download RAW message or body]
>>>>> "Saurabh" == Saurabh Shukla <saurabh@purestorage.com> writes:
Saurabh> I see that syslog-ng OSE uses OpenSSL libraries for TLS support.
Saurabh> If my system has FIPS complaint OpenSSL installed, will syslog-ng OSE use
Saurabh> those FIPS compliant libraries for TLS support? Do I need any change in the
Saurabh> syslog-ng OSE's configuration for this?
You can make syslog-ng OSE use the FIPS compliant OpenSSL libraries, but
a lot of things will fail horribly. For example, SQL won't work, and you
will likely need to compile syslog-ng OSE with SQL
disabled. Furthermore, what you will get will *NOT* be FIPS compliant,
because FIPS requires a lot more than using a FIPS-compliant OpenSSL
library.
If you need FIPS compliance, syslog-ng PE can provide that, OSE won't:
even if it starts up (and I have my doubts it would), it will still not
be FIPS compliant.
--
|8]
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic