https://issues.apache.org/bugzilla/show_bug.cgi?id=54468
--- Comment #4 from William A. Rowe Jr. <wr...@apache.org> ---
Straightforward server.xml config;
<Listener SSLEngine="on"
FIPSMode="on"
className="org.apache.catalina.core.AprLifecycleListener"/>
Since 1.0.1c Catalina error log now reports
md5_dgst.c(74): OpenSSL internal error, assertion failed: Low level API call
to digest MD5 forbidden in FIPS mode!
and proceeds to exit before initialization can be completed.
>From OpenSSL 1.0.1c changelog;
*) Low level digest APIs are not approved in FIPS mode: any attempt
to use these will cause a fatal error. Applications that really want
to use them can use the private_* version instead.
[Steve Henson]
and from OpenSSL docs since antiquity, warning that this would happen someday;
"Applications should use the higher level functions EVP_DigestInit(3)
etc. instead of calling the hash functions directly."
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
